When a company gets hit with two class action lawsuits in one month, that's not bad luck. That's a pattern. And Crunchyroll, the streaming platform that dominates anime distribution in the West, is now facing exactly that kind of scrutiny.

The second lawsuit, filed in California's Northern District, alleges that Crunchyroll failed to adequately protect user data after a third-party vendor, Telus Digital, suffered a security breach around March 12. According to Anime Corner, hackers claimed to have stolen 1 petabyte of data—and Crunchyroll customer information was included in the haul.

A petabyte is an almost incomprehensibly large amount of data. For context, that's roughly 500 billion pages of text, or every episode of every anime ever made, several times over. When hackers brag about stealing that much data, they're not exaggerating for effect. They're showing off.

Crunchyroll initially downplayed the breach, stating the exposed data was "primarily limited to customer service ticket data." The lawsuit alleges the exposure was far broader, potentially including customer support conversations, user profiles, and significant personally identifiable information. The difference between those two descriptions is the difference between "minor inconvenience" and "everyone should be changing their passwords right now."

The timing is particularly awkward. Anime has finally achieved mainstream legitimacy in Western markets. Crunchyroll is owned by Sony, merged with Funimation, and theoretically has the resources to build enterprise-level security. Instead, they're getting sued twice in four weeks because their infrastructure hasn't caught up to their cultural moment.

The lawsuit seeks up to $25,000 per class member, plus injunctive relief requiring improved security protocols. If you're a Crunchyroll subscriber wondering what you should do: change your password, enable two-factor authentication if you haven't already, and monitor your accounts. The lawsuit alleges Crunchyroll didn't notify customers until March 23—eleven days after Telus confirmed the incident.

Anime fans have supported Crunchyroll through clunky interfaces, incomplete catalogs, and regional licensing restrictions. The least the platform can do is not let hackers steal a petabyte of their personal information. That's not too much to ask.