A new post attributed to the group known as ShinyHunters alleges that Vimeo has been compromised, adding the company to a growing list of recent targets. The claim surfaced on April 28, 2026, with the group stating it had accessed internal data through third-party systems and issuing a short deadline for response.
Alleged Entry Point Through Anodot
According to the message posted by the attackers, the breach is tied to Anodot, a third-party analytics provider. The group claims that access to Vimeo’s Snowflake and BigQuery environments was made possible through this earlier compromise. The statement itself does not include technical evidence, nor does it specify the scale or exact nature of the data allegedly taken.
Vimeo Acknowledges Third-Party Security Incident
In response, Vimeo confirmed that it is aware of a security issue connected to an external provider. The company stated that an unauthorized actor accessed certain user and customer data as a result of the Anodot-related incident. At the same time, Vimeo described the situation as contained, noting that steps had been taken to secure its systems and remove affected integrations.
The company’s own account indicates that the accessed information primarily includes technical data, video titles, metadata, and in some instances, customer email addresses. Vimeo also stated that video content, login credentials, and payment card information were not affected. These points remain part of the company’s internal findings, which are still under investigation.
Broader Context of Snowflake-Linked Activity
This incident follows earlier reporting that multiple organizations using Snowflake may have been exposed after attackers obtained authentication tokens from a compromised SaaS integration provider. The situation involving Anodot appears to be part of that wider pattern, though the full scope of related breaches remains unclear.
Snowflake and BigQuery are both widely used cloud data platforms designed to handle large-scale analytics and storage, making them attractive targets when access can be obtained through indirect means such as third-party integrations.
Ongoing Activity From ShinyHunters
The group behind the claim has been associated with a series of recent data exposure incidents. In addition to Vimeo, ShinyHunters has recently referenced or released data tied to multiple companies across different sectors, continuing a pattern of extortion-driven operations.
Conclusion
The situation surrounding Vimeo is still developing, with claims from ShinyHunters on one side and limited confirmed details from the company on the other. While Vimeo states that sensitive account credentials and payment data were not impacted, the extent of the accessed information and its potential use remains uncertain. As investigations continue, the incident highlights ongoing risks tied to third-party integrations and shared infrastructure in cloud-based environments.
0 Comments