In what appears to be a significant security breach, footage and clips, including some full episodes from several yet-to-be-released anime titles from streaming services, Netflix and Crunchyroll, were prematurely leaked on social media platforms like TikTok and X (formerly Twitter).
The leaked content first started appearing online on August 6th.
In a statement to IGN, who was the first to report the leak, a Netflix spokesperson confirmed on Friday that a security breach at one of Netflix’s post-production partners had led to the unauthorized release of the footage.
“One of our post-production partners has been compromised and footage from several of our titles has unfortunately leaked online. Our team is aggressively taking action to have it taken down,” the Netflix spokesperson stated.
While Netflix declined to comment on which anime titles were affected, tech news outlet IGN reported that the leak included five episodes of the animated series Arcane Season 2, which is scheduled to be released on Netflix this November.
Other affected content includes “Terminator Zero” (the complete season), scenes from “Heartstopper” Season 3, “Ranma ½ (four episodes),” “Jentry Chau vs. The Underworld,” “Dandadan (six episodes),” and “Spellbound” as well as the highly anticipated films “Plankton: The Movie” and “Mononoke the Movie: Phantom in the Rain.”
In addition to Netflix, Sony-owned anime streaming service Crunchyroll was also compromised, albeit to a lesser extent, with the premiere episode of the highly acclaimed isekai anime “Re: ZERO—Starting Life in Another World S3” being leaked on 4chan and torrent websites. This episode reportedly included the “Japan Expo 2024” watermark, indicating that it was secured at Japan Expo 2024, which took place in July.
“We are aware of a content leak ahead of one of our fall series. We’ve opened an investigation to identify the source of this leak, and our team is taking action to have it taken down,” a spokesperson for Crunchyroll said in a statement on Friday while confirming the incident.
According to two sources, the unidentified partner in question is Iyuno, a media localization provider based in Burbank, California. On August 9, 2024, Iyuno posted the following “Security Incident Update” on its website:
“Iyuno is aware of a recent security issue, involving unauthorized access to confidential content. Protecting our clients’ confidentiality and ensuring the security of their content is our highest priority. We are actively investigating this security breach to mitigate any potential risks and identify the responsible parties. When there are material changes or information we will make further statements.”
According to its corporate site, Iyuno customers also include Netflix, Disney, HBO, A+E Networks, Amazon Studios, Warner Bros. Discovery, BBC Studios, DreamWorks, and eOne.
