A data breach impacting 119,000 Vimeo users has been confirmed following an incident in April 2026, where attackers exposed personal information through a compromise involving a third‑party vendor.
According to data from Have I Been Pwned, the attack was carried out by the ShinyHunters cybercrime group, which gained access through a security breach affecting Anodot, an external analytics provider used by Vimeo. The attackers later published a large dataset tied to the incident.
Reports indicate that ShinyHunters listed Vimeo on its extortion portal as part of a “pay‑or‑leak” operation, eventually releasing hundreds of gigabytes of stolen data. The exposed information primarily consisted of video titles, metadata, and technical records, along with approximately 119,000 unique email addresses, in some cases accompanied by user names.
Vimeo acknowledged that the breach originated from the compromise of Anodot and clarified that the exposed data did not include actual video content, valid account credentials, or payment card details.
In its official statement, Vimeo confirmed that an unauthorized party accessed certain user and customer information stored within systems connected to the third‑party vendor. The impacted data mostly contained technical metadata and, in some instances, user email addresses.
The company emphasized that its core platform was not disrupted and that sensitive account information remained protected. As part of its response, Vimeo revoked Anodot’s access, terminated the integration, engaged external cybersecurity specialists, and reported the incident to law enforcement authorities.
Investigations into the incident are ongoing, and Vimeo stated that additional updates will be provided as more details become available.
Following the disclosure, ShinyHunters released a 106GB archive of stolen files on its Tor‑based data leak site. The group is a well‑known player in cybercrime circles and is often linked to a loosely organized network referred to as “the Com,” which includes numerous English‑speaking actors.
ShinyHunters is recognized for targeting large organizations, stealing significant volumes of data, and leveraging public leak sites as a way to pressure victims into paying cryptocurrency ransoms. Their methods frequently involve social engineering techniques, particularly voice phishing, to obtain credentials and compromise cloud and SaaS platforms such as Salesforce, Okta, and Microsoft 365.
In recent months, the group has been tied to multiple high‑profile incidents involving organizations such as the European Commission, Odido, Figure, Canada Goose, Rockstar, and SoundCloud, where data was leaked after ransom demands were not met.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
