Vimeo, the second-largest video hosting, sharing, and streaming service, has confirmed a data breach that affected approximately 119,000 users and customers.
With a market share of over 18%, Vimeo rivals Google’s video hosting platform, YouTube. The streaming platform enables over 300 million creators to share videos, and over 11% of websites integrate media content. It employs over 1,100 people and reports an annual revenue of over $417 million.
Vimeo confirms third-party data breach
In late April 2026, Vimeo confirmed the data breach and began notifying impacted users. It also disclosed that the leak stemmed from a security incident affecting cloud hosting platform Snowflake via a third-party performance metrics platform, Anodot.
“Vimeo is aware of a security incident affecting Anodot, a third-party analytics vendor used by Vimeo and many other companies,” the company stated.
Upon learning of the data breach, Vimeo revoked all Anodot credentials, removed Anodot integrations, engaged experienced third-party cybersecurity experts, and notified law enforcement.
Similarly, the company is monitoring the situation closely and has implemented additional security measures to prevent a similar incident in the future. Previously, Vimeo had assessed that the data leak had exposed only email addresses and technical information such as video titles and metadata.
“Our initial findings suggest that the databases accessed primarily contain technical data, video titles and metadata, and, in some cases, customer email addresses,” the company wrote.
Nevertheless, the data breach did not expose video content, login credentials, or payment card information. It also did not disrupt Vimeo’s internal business operations or customer-facing services, suggesting that the attackers did not compromise the company’s internal IT infrastructure.
“Vimeo user and customer login credentials are secure. This incident did not cause any disruption to our systems or service,” the company added.
Meanwhile, data breach tracking website Have I Been Pwned? assesses that the leak exposed users’ names and email addresses, putting them at risk of phishing attacks. Consequently, impacted users should be on the lookout for unsolicited communication purporting to originate from Vimeo and avoid clicking on suspicious links and email attachments.
“This type of incident creates meaningful downstream risk by giving threat actors verified contact data and organizational context they can use in phishing, impersonation, and social engineering campaigns,” said Steve Cobb, Chief Information Security Officer at SecurityScorecard. “Even limited exposure can help attackers build more convincing lures and identify which individuals or organizations may be worth targeting next.”
ShinyHunters claims Vimeo data breach
The notorious English hacking group ShinyHunters has claimed responsibility for the Vimeo data breach and leaked 106 GB of the stolen data after the video streaming platform failed to pay the ransom. The cybercrime group gave Vimeo until April 30 to pay the ransom or have its stolen data published online, and also experience other “annoying digital problems.”
The cybercrime gang claims it breached Vimeo and other organizations by exploiting compromised Anodot integrations connected to Snowflake and BigQuery environments.
After gaining access, the attackers used Anodot authentication tokens to breach other third-party services. The Anodot security incident also disrupted Amazon’s S3 and Kinesis, suggesting the data breach may be worse than anticipated.
Previously, Red Dead Redemption 2 and GTA 5 developer Rockstar Games confirmed a data breach stemming from the Anodot compromise by ShinyHunters, which exposed over 78 million records. ShinyHunters also lists fashion powerhouse Zara as a victim of the Anodot breach.
ShinyHunters has perfected the art of compromising SaaS applications, having previously breached hundreds of organizations by exploiting their Salesforce instances via social engineering.
