**Vimeo**, a leading video hosting and streaming platform, has announced that unauthorized access to certain user and customer data occurred following a recent breach at **Anodot**. The video platform reports that while some customer email addresses were exposed, the majority of compromised information consists of technical data, video titles, and metadata. "We have identified that, as a result of the Anodot breach, an unauthorized actor accessed certain Vimeo user and customer data. Our initial findings suggest that the databases accessed primarily contain technical data, video titles and metadata, and, in some cases, customer email addresses," **Vimeo** stated in a blog post.  The **ShinyHunters** extortion group has claimed responsibility for the **Vimeo** breach, threatening to publish the stolen data by April 30th unless a ransom is paid. **Vimeo** serves as a major alternative to **YouTube**, boasting over 300 million registered users who upload, host, and share videos. ### ShinyHunters' Threat Yesterday, **ShinyHunters** listed **Vimeo** on their extortion portal, asserting they possess data from the company's **Snowflake** and **BigQuery** instances. In addition to the threat of data leakage, the group warned **Vimeo** to expect “several annoying digital problems.”  *Source: BleepingComputer* ### Anodot Breach Details The **Anodot** incident involved attackers stealing authentication tokens and using them to access customer environments, primarily **Snowflake**, and exfiltrate data. **ShinyHunters** is now attempting to monetize this breach through extortion and threats to leak stolen data from affected organizations. **Rockstar Games** was also impacted by the **Anodot** breach. ### Vimeo's Response **Vimeo** clarified that the exposed data does *not* include video content uploaded by users, account credentials, or payment card information. The platform's operations have not been affected. The company has disabled all **Anodot** credentials and removed the service’s integration with its systems. **Vimeo** is actively investigating the incident with the assistance of third-party security experts and has notified law enforcement. The company has committed to providing updates as the investigation progresses.  ## 99% of What Mythos Found Is Still Unpatched. AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop.