Video site Vimeo blames security incident on Anodot breach

Video hosting platform Vimeo said user and customer data was stolen from a third-party analytics vendor during a recent data breach. 

A Vimeo spokesperson confirmed that recent claims of a data breach by a cybercriminal gang were related to a security incident at Anodot, a popular business analytics company. 

In a blog post released on Monday, the company tied the recent attack on Anodot to the longer string of attacks by Shinyhunters and related cybercriminal factions. Anodot did not respond to requests for comment.

“We have identified that, as a result of the Anodot breach, an unauthorized actor accessed certain Vimeo user and customer data. Our initial findings suggest that the databases accessed primarily contain technical data, video titles and metadata, and, in some cases, customer email addresses,” Vimeo’s security team wrote.

“Upon learning of the incident, we promptly disabled all Anodot credentials, removed the Anodot integration with Vimeo systems, and engaged third-party security experts to assist with the investigation. We have also notified law enforcement.”

The hackers did not access video content, user logins or payment card information. There was no disruption to Vimeo’s services, according to the statement. The investigation into the attack is ongoing, they added. 

Shinyhunters added Vimeo to its leak site on Tuesday morning, threatening the company with a data leak if a ransom was not paid by Thursday. The cybercriminals did not say how much data was stolen. 

The group has launched several high-profile attacks since the beginning of 2026, including more recent incidents involving education company McGraw Hill, home security company ADT and video game developer Rockstar Games.

Shinyhunters attributed the theft from Rockstar Games specifically to the breach at Anodot. The incidents follow reports of a broader supply-chain compromise involving Anodot that may have exposed sensitive data belonging to multiple customers. 

ShinyHunters recently claimed it had obtained authentication tokens belonging to the service, allowing it to access cloud environments used by more than a dozen organizations without breaching the companies directly. 

In their blog post, Vimeo linked to a January report from Google Threat Intelligence explaining the tactics used by Shinyhunters. The group does not exploit vulnerabilities in products, instead conducting voice and email phishing schemes that provide access to login data. 

Law enforcement action taken against several members last year has done little to stop the group from continuing a string of attacks against major companies in the U.S. and Europe. In January, the gang said it hacked Match Group — the operator of dating platforms including Tinder, Hinge and OkCupid — before launching its latest campaign of attacks.