236/69 Thursday, April 30, 2026
Vimeo, a global video hosting and streaming platform, has confirmed an incident involving unauthorized access to data, stemming from a security breach at Anodot. According to the company’s initial investigation, the affected data primarily includes technical information, video titles, and metadata. In some cases, user and customer email addresses were also accessed.
The incident has been claimed by the cybercriminal group ShinyHunters, which threatened to release the stolen data unless its demands are met within a specified timeframe. The attackers also claimed access to the company’s data via systems such as Snowflake and Google BigQuery. However, Vimeo stated that sensitive information—including user video content, account passwords, and payment card data-was not affected, and its services continue to operate normally.
The company has revoked all integrations and access related to Anodot and initiated a full investigation in collaboration with external cybersecurity experts. Relevant law enforcement authorities have also been notified. The incident is believed to be linked to the theft of authentication tokens, which were then used to access systems across multiple organizations. Vimeo stated it will provide further updates as more details become available from the ongoing investigation.