Tokyo Metropolitan Police have arrested a 15-year-old high school student on suspicion of carrying out a cyberattack against Bandai Channel, a subscription-based anime streaming platform operated by one of Japan’s largest entertainment companies. The attack resulted in the fraudulent cancellation of more than 46,000 user subscriptions and forced the service offline for over a month.
How the Attack Unfolded
According to police, the suspect identified a vulnerability in Bandai Channel’s servers by analyzing the service’s network traffic. He then used ChatGPT to help develop a malicious program that automated the attack, sending fraudulent data to the company’s servers in November 2025. The resulting account cancellations prompted the platform’s operator to suspend the service entirely while repairs were made and affected subscribers were refunded.
After the company detected the intrusion and blocked the suspect’s access, he continued the unauthorized cancellations by repeatedly cycling through different IP addresses, according to investigators. The company reported the incident to police in November, and investigators traced the suspect through an analysis of communication records.
Prior Arrest and Admission
The teenager had first been arrested in June on suspicion of logging into the platform using another user’s account credentials. The subsequent investigation connected him to the broader, more destructive campaign. He admitted to the allegations and told investigators he had no grievance against the company. He described himself as self-taught in programming and said he enjoyed analyzing network communications.
Context and Company Background
Bandai Channel is owned by a major Japanese entertainment conglomerate known for publishing globally recognized video game franchises. The parent company has previously dealt with significant security incidents: in 2022, it disclosed a breach affecting customer data tied to unauthorized access at several of its Asian subsidiaries, an incident later claimed by the AlphV ransomware group.
This case is notable for the explicit use of an AI assistant to accelerate exploit development, illustrating how accessible tooling is lowering the barrier for attackers with limited formal training. Security teams should treat AI-assisted automation as a realistic threat vector when assessing exposure from relatively unsophisticated actors.
