Vimeo Targeted by Shiny Hunters Amid Rising Cyber Threats
Vimeo, the widely used video hosting and sharing platform, has recently come under the spotlight after allegedly becoming a target of the notorious hacking group known as Shiny Hunters. The group has reportedly issued a ransom demand, threatening to leak sensitive data if its conditions are not met.
In response to these claims, Vimeo has acknowledged the situation and stated that its internal incident response teams, along with an external forensic cybersecurity firm, are actively investigating the matter. The company has taken a firm stance against cyber extortion, confirming that it does not intend to comply with the ransom demands put forth by the attackers.
According to information circulating on a Telegram channel believed to be linked to Shiny Hunters, the breach may have originated through unauthorized access to Vimeo’s Anodot analytics platform. Hackers allegedly gained access to certain credentials via this route. However, Vimeo has reassured users and stakeholders that critical data—including video content, payment information, and user login credentials—remains uncompromised.
Despite these assurances, the attackers have escalated pressure by setting a deadline of April 30, 2026, for the ransom payment. Failure to comply, they claim, will result in the stolen data being either published on the dark web or sold to third parties, including marketing agencies. Such threats underscore the evolving tactics of cybercriminal groups, who increasingly leverage reputational damage as a means of coercion.
Notably, Shiny Hunters has been particularly active since February 2025, reportedly focusing on organizations connected to Salesforce environments. Vimeo is believed to be among several companies that fall within this broader targeting pattern, highlighting potential risks associated with third-party integrations and cloud-based services.
Carnival Corporation also falls victim to Data Breach
In a related development, Shiny Hunters has also claimed responsibility for a major cyberattack on Carnival Corporation, one of the world’s leading cruise operators. The breach is said to have exposed sensitive data belonging to approximately 8.7 million customers.
According to the hacking group, the compromised information includes personally identifiable data such as full names, email addresses, contact details, and dates of birth. While such claims are still being assessed, the scale of the alleged breach raises significant concerns about data security within the travel and hospitality sector.
Carnival Corporation has responded by stating that the attack stemmed from the compromise of a single user account. The company emphasized that it has since brought the situation under control and implemented necessary measures to mitigate further risks. These steps reportedly include strengthening access controls, enhancing monitoring systems, and conducting a thorough security review.
A Growing Pattern of Targeted Attacks
These incidents highlight a broader trend in the cybersecurity landscape, where threat actors increasingly exploit weak access points—such as third-party platforms or individual user accounts—to infiltrate larger systems. Organizations across industries are being urged to adopt stricter security protocols, including multi-factor authentication, continuous monitoring, and zero-trust architectures.
As investigations continue, both Vimeo and Carnival Corporation face the challenge of maintaining user trust while navigating the complexities of modern cyber threats. The actions taken in the coming weeks will likely serve as a benchmark for how companies respond to and recover from such high-profile security incidents.
Join our LinkedIn group Information Security Community!
