Vimeo Confirms Data Breach via Anodot Supply Chain Attack

Key Takeaways

- Vimeo user emails, video titles, and metadata were exposed through the Anodot breach
- ShinyHunters threatens to publish stolen data by April 30 unless a ransom is paid
- No video content, account credentials, or payment information was compromised
Vimeo has confirmed that an unauthorized actor accessed user data following a breach at Anodot, a third-party analytics vendor. The video platform disclosed the incident after the ShinyHunters extortion group claimed responsibility and threatened to publish stolen data.
The breach primarily exposed technical data, video titles, and metadata. Some customer email addresses were also accessed. Vimeo emphasized that video content, account credentials, and payment card information were not compromised.
What Data Was Exposed
"We have identified that, as a result of the Anodot breach, an unauthorized actor accessed certain Vimeo user and customer data," the company stated. "Our initial findings suggest that the databases accessed primarily contain technical data, video titles and metadata, and, in some cases, customer email addresses."
Vimeo serves over 300 million registered users and generated $417 million in annual revenue. The company trades publicly on the Nasdaq and employs more than 1,100 people. Platform operations remained unaffected during the incident.
ShinyHunters Issues Ransom Deadline
ShinyHunters, a notorious extortion group, listed Vimeo on their portal on April 27. The group claims to have obtained data from Vimeo's Snowflake and BigQuery instances. They set an April 30 deadline for ransom payment.
Beyond the data leak threat, ShinyHunters warned Vimeo to expect "several annoying digital problems." The group did not say how much of the data it obtained came from Vimeo.
The Anodot Supply Chain Attack
The breach originated at Anodot, a data anomaly detection company. Attackers stole authentication tokens and used them to access customer environments. The primary target was Snowflake instances, from which attackers exfiltrated data across multiple organizations.
Vimeo is not the only victim. ShinyHunters also claimed to have stolen more than 78.6 million records from game developer Rockstar Games through the same Anodot compromise. The group is now attempting to monetize stolen data through extortion across multiple downstream victims.
Vimeo's Response
Vimeo has taken several immediate steps. The company disabled all Anodot credentials and removed the service's integration from its systems. Third-party security experts are now assisting with the investigation.
Law enforcement authorities have been notified. Vimeo committed to providing updates if the investigation uncovers additional information about the scope or impact of the breach.
- All Anodot credentials disabled
- Anodot integration removed from Vimeo systems
- Third-party security experts engaged
- Law enforcement notified
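Disabling a vendor's credentials stops further access, but responders still need to know when the integration identity was used from somewhere other than the vendor. The sketch below is an added example, not code from Vimeo, Anodot or the original report: it scans login records for a vendor service account and reports successful logins from outside the vendor's expected egress range. The account name, the IP range and the sample rows are constructed assumptions; the record keys are modelled on the columns of Snowflake's LOGIN_HISTORY view.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Assumption: the range the vendor is expected to connect from (documentation range).
VENDOR_EGRESS = [ipaddress.ip_network("198.51.100.0/24")]
# Assumption: hypothetical service account provisioned for the vendor integration.
INTEGRATION_USER = "SVC_VENDOR_ANALYTICS"

def row(ts, user, ip, ok="YES"):
    return {"EVENT_TIMESTAMP": ts, "USER_NAME": user, "CLIENT_IP": ip, "IS_SUCCESS": ok}

# Constructed sample data, not taken from any real incident.
LOGINS = [
    row("2030-01-05T02:10:00+00:00", INTEGRATION_USER, "198.51.100.14"),
    row("2030-01-06T23:41:00+00:00", INTEGRATION_USER, "203.0.113.77"),
    row("2030-01-07T00:03:00+00:00", INTEGRATION_USER, "203.0.113.77"),
    row("2030-01-07T00:10:00+00:00", INTEGRATION_USER, "203.0.113.90", ok="NO"),
    row("2030-01-07T09:00:00+00:00", "ANALYST_1", "203.0.113.5"),
    row("2030-01-08T02:10:00+00:00", INTEGRATION_USER, "198.51.100.200"),
]

def from_vendor(ip):
    """True if the client IP falls inside one of the vendor's expected ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in VENDOR_EGRESS)

def off_range_logins(rows, user=INTEGRATION_USER):
    """Successful logins by the integration user from outside the vendor ranges, per IP."""
    seen = defaultdict(list)
    for r in rows:
        if r["USER_NAME"] != user or r["IS_SUCCESS"] != "YES":
            continue  # other identities and failed attempts are out of scope here
        if not from_vendor(r["CLIENT_IP"]):
            seen[r["CLIENT_IP"]].append(datetime.fromisoformat(r["EVENT_TIMESTAMP"]))
    return {ip: {"first": min(t).isoformat(), "last": max(t).isoformat(), "count": len(t)}
            for ip, t in seen.items()}

def exposure_window(rows, user=INTEGRATION_USER):
    """Earliest and latest off-range login; bounds the query history to review."""
    hits = off_range_logins(rows, user)
    if not hits:
        return None
    # All timestamps share one UTC offset, so ISO strings sort chronologically.
    return (min(h["first"] for h in hits.values()), max(h["last"] for h in hits.values()))

if __name__ == "__main__":
    print(off_range_logins(LOGINS))
    print(exposure_window(LOGINS))
```

The window it returns is a starting point for reviewing what the integration identity queried or exported during that period.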
Logicity's Take
What Vimeo Users Should Do
Vimeo has not indicated whether individual users will receive breach notifications. If you use Vimeo, watch for phishing attempts that reference your video titles or account details. While passwords were not exposed, changing your Vimeo password and enabling two-factor authentication is a reasonable precaution.
Business accounts should review what data they store on Vimeo and assess whether exposed metadata poses any confidentiality concerns. Video titles and technical metadata could reveal project names or unreleased content details.
Frequently Asked Questions
Was my Vimeo password exposed in the breach?
No. Vimeo confirmed that account credentials were not accessed in the Anodot breach.
Did attackers access uploaded videos?
No. Video content was not compromised. Only metadata, video titles, and some email addresses were exposed.
Who is responsible for the Vimeo breach?
The ShinyHunters extortion group claims responsibility. They compromised Anodot, a third-party vendor Vimeo used for analytics.
What should I do if I have a Vimeo account?
Enable two-factor authentication, update your password as a precaution, and watch for phishing emails that reference your video titles or account details.
Is Vimeo paying the ransom?
Vimeo has not disclosed whether it will pay. The company is working with security experts and law enforcement.
Source: BleepingComputer
Huma Shazia
Senior AI & Tech Writer