ShinyHunters, the extortion group behind a wave of Snowflake-linked breaches, has put Vimeo on a clock: pay up or face a public data dump by April 30.
The breach didn’t come through Vimeo directly. Attackers hit Anodot, a data anomaly detection vendor, by stealing authentication tokens and using them to access customer cloud environments, primarily Snowflake. Vimeo was a downstream casualty. The accessed data includes email addresses, video titles, metadata, and technical records. Account credentials, payment card data, and uploaded video content were not accessed, and Vimeo says its platform operations remained unaffected throughout.
ShinyHunters listed Vimeo on its extortion portal, claiming to have pulled data from the company’s Snowflake and BigQuery instances. The group hasn’t disclosed the record count. Beyond the ransom demand, ShinyHunters warned that Vimeo should expect “several annoying digital problems,” language that signals potential follow-on disruption beyond just the threatened leak.
Vimeo, a $417 million-revenue platform with over 300 million registered users and over 1,100 employees, has moved quickly. It disabled all Anodot credentials, removed the vendor integration, engaged third-party security experts, and notified law enforcement. The company says it will provide updates if the investigation uncovers important new information.
The Anodot incident isn’t Vimeo’s problem alone. Rockstar Games is among the confirmed downstream victims, with ShinyHunters claiming more than 78.6 million exfiltrated records from that breach.
For Vimeo, the clock runs out April 30.
James Okafor