A 15-year-old high school student in Saitama Prefecture, Japan, used ChatGPT to help write the code that took down one of Bandai Namco’s streaming services for six weeks. Police say the teenager found a flaw in Bandai Channel’s account-cancellation system, then asked ChatGPT to help finish the automation script when his own version ran too slowly. The result: 46,812 subscriber accounts auto-canceled in under four hours, up to 1.36 million records potentially exposed, and a company that owns Tekken, Pac-Man, and Dark Souls forced to take an entire platform offline while it figured out what had happened.

The Bandai Namco hack is not a ransomware story, and nobody is claiming a criminal syndicate was behind it. That is precisely what makes it alarming to security researchers: a minor with no professional background in software engineering used a consumer chatbot to close the gap between “curious kid with a script” and “capable attacker,” and it worked well enough to force a six-week service suspension at a company with roughly $9.57 billion in annual group revenue. This is a full breakdown of what happened, what Bandai Namco has confirmed, how it compares to other 2025-2026 gaming-industry breaches, and why security teams are treating it as an early data point in a much bigger trend.

What Happened: Inside the Bandai Channel Breach

Bandai Channel is a subscription video-on-demand service for anime and tokusatsu programming, operated by Bandai Namco Filmworks, the film and animation subsidiary of Bandai Namco Holdings. It is a smaller, niche product compared to the company’s blockbuster game franchises, which is part of why the breach caught the industry off guard – attention was on the game side of the business, not a streaming platform.

On November 4, 2025, between roughly 5:00 p.m. and 8:46 p.m. Japan Standard Time, someone began sending falsified requests to servers managed by Bandai Namco Filmworks. According to reporting from CBR, the requests systematically triggered the platform’s account-cancellation, or “withdrawal,” process across tens of thousands of accounts in a single evening. By the time the activity was noticed, 46,812 subscriber accounts had been automatically canceled.

Bandai Namco Filmworks suspended Bandai Channel’s entire operation on November 6, 2025 – disabling video playback, subscriptions, billing, and user profiles – and published a public notice on the service’s information site the following day, warning that customer data may have been affected. The company did not restore full service until December 19, 2025, a shutdown of roughly six weeks while it investigated and rebuilt its defenses, according to a timeline compiled by Let’s Data Science.

The suspect was not identified or taken into custody until months later. Tokyo Metropolitan Police detained the student, now 15, in June 2026, and the case was widely reported in Japanese and international press starting in early-to-mid July 2026 – nearly eight months after the original intrusion.

How a Teenager Weaponized ChatGPT to Write the Attack

What separates this Bandai Namco hack from a typical credential-stuffing or phishing incident is how the attack code came together. Police say the student, who was in his third year of junior high school when he found the flaw, identified the vulnerability by monitoring and analyzing network traffic flowing between his own device and Bandai Channel’s servers – a manual reconnaissance process, not an automated scan. He then wrote an initial version of the cancellation-triggering script himself.

According to quotes obtained by Local 12, the suspect described the process directly: “I created the source code for the withdrawal process myself. Since the processing was taking a long time, I asked ChatGPT and completed it in a different programming language.” In other words, ChatGPT was not used to invent the exploit from nothing – it was used to accelerate and rewrite code the student had already started, the same way a professional developer might ask an AI assistant to port a slow script to a faster language.

Once Bandai Channel’s systems detected the abnormal cancellation volume and began blocking the source, the student reportedly changed his IP address approximately 30 times to keep the script running, cycling through different connections each time his access was cut off. That evasion tactic, more than the initial vulnerability discovery, is what stretched a single evening’s disruption into tens of thousands of affected accounts before the whole platform was taken offline.

It’s worth being precise about what is and is not publicly known here. Neither Bandai Namco nor Japanese police have disclosed the specific technical vulnerability that allowed the cancellation requests to succeed at scale, and this article does not attempt to reconstruct it. The pattern investigators described, in general terms, looked something like this:

# Illustrative reconstruction of the REPORTED attack pattern only.
# The actual vulnerability and exploit code were never publicly disclosed
# by Bandai Namco or Japanese police, and are not reproduced here.

for account_id in enumerate_targets():
    request = build_cancellation_request(account_id)  # mimics a legitimate "withdrawal" call
    response = send(request, via=current_proxy)

    if response.status == "blocked":
        current_proxy = rotate_ip()   # suspect reportedly cycled ~30 IPs
        continue

    log(f"cancelled account {account_id}")

The takeaway for engineering teams isn’t the code itself – it’s that a request-forgery-plus-IP-rotation pattern, which has existed for decades, became dramatically easier for a non-professional to execute once a large language model could handle the part that used to require real programming skill.

Timeline: From First Intrusion to International Headlines

The eight-month gap between the original intrusion and the public arrest report is itself notable. Here is the confirmed sequence of events, drawn from Japanese police statements as reported by multiple outlets:

DateEvent
November 4, 2025Attacker sends falsified cancellation requests to Bandai Channel servers over roughly a 4-hour window; 46,812 accounts auto-canceled
November 6, 2025Bandai Namco Filmworks suspends all Bandai Channel operations for investigation
November 7, 2025Company publishes public notice warning that customer data may have been affected
December 19, 2025Bandai Channel service fully restored after security improvements
June 13, 2026Tokyo Metropolitan Police take the (by then 15-year-old) suspect into custody
Early-mid July 2026Case reported by Japanese wire services and picked up broadly by international tech and gaming press

That gap between the November attack and the June arrest reflects how these investigations typically work in Japan: tracing the intrusion back to a specific device and individual through communication records and server logs, then building a case sufficient for a formal detention, takes months even when the disruption itself was public and immediate.

What Data Was Exposed – and What Wasn’t

Bandai Namco Filmworks has said that up to 1,366,000 items of personal information were potentially accessible during the intrusion, according to TechNadu’s reporting. That figure covers records the attacker could theoretically have reached, not confirmed exfiltrated data – an important distinction the company has been careful to draw.

The categories of data potentially exposed include:

  • Email addresses
  • Account usernames and nicknames
  • Bandai Namco Coin balances (the platform’s virtual currency)
  • Select payment-related information tied to subscriptions

Bandai Namco has stated that passwords and full credit card numbers were not exposed, and as of the most recent reporting, the company says it has found no evidence that the accessed data was leaked to third parties or used for further fraud. That’s a meaningfully better outcome than a typical breach of this scale, and it lines up with the apparent motive: the attacker’s goal, based on his own statements to police, was disrupting the cancellation flow itself, not harvesting data to sell.

Still, “no evidence of misuse yet” is not the same as “confirmed safe,” and security researchers generally advise anyone who held a Bandai Channel account as of November 2025 to treat their email address and username as exposed – watching for phishing attempts that reference real Bandai Namco account details, and enabling two-factor authentication anywhere those credentials were reused. Shattered.io has covered how two-factor authentication is implemented and why credential reuse across services remains one of the most common ways a small breach turns into a much bigger one; see our broader explainer on how data breaches happen and how to protect yourself.

Bandai Namco’s Response and the Six-Week Blackout

Bandai Namco Filmworks’ response followed a fairly conventional containment playbook: suspend the affected service entirely, investigate, rebuild, and restore. Taking Bandai Channel completely offline for six weeks – rather than attempting a partial fix while remaining live – was a costly but conservative choice that limited the blast radius while the company confirmed the scope of what an attacker with reported administrative-level cancellation access might have also been able to reach.

The company has apologized to affected subscribers, offered refunds covering the membership periods disrupted by the incident, and said in a statement that it would “continue to conduct regular checks and strive to prevent any recurrence.” That is a notably measured, non-defensive posture compared to how some other 2026 gaming-platform breaches have been handled – Sony, for instance, has still not issued any public acknowledgment of the ongoing PlayStation Network account-takeover pattern that shattered.io covered in detail, months after individual victims went public.

Bandai Namco has not disclosed a specific financial cost for the incident, and given the relatively modest scale of Bandai Channel compared to the company’s core toy and game businesses, any direct hit to Bandai Namco Holdings’ consolidated results – which totaled roughly ¥1.05 trillion (about $9.57 billion) in group revenue in its most recent reported fiscal year, per Wikipedia’s company profile – is likely to be a rounding error. The bigger cost is reputational and operational: engineering time diverted to incident response, a subscription product dark for six weeks, and a fresh case study of exactly the kind of AI-assisted attack that security teams have spent 2026 warning about in the abstract.

Japanese authorities are pursuing the case under two overlapping legal theories, as reported across multiple outlets covering the arrest: suspected violation of Japan’s Unauthorized Computer Access Prohibition Act, and fraudulent obstruction of business – a charge frequently used in Japan for cyberattacks that disrupt a company’s operations, distinct from data-theft statutes. Because the suspect is a minor, his case will likely proceed through Japan’s family court system rather than standard adult criminal proceedings, which typically means different disclosure rules, sentencing options, and privacy protections than an adult defendant would face.

According to the same reporting, the student told investigators he had been teaching himself to code since elementary school, and that his motive was curiosity rather than financial gain or malice: “I happened to be able to access the information and had nothing against the company,” he reportedly said, adding in a separate account that he acted because “there were many accounts I could log in to.” Neither statement has been independently verified beyond the police account relayed to press, and shattered.io is not attributing intent beyond what investigators have said publicly.

That confessed lack of financial motive is part of why this case reads differently from most breach coverage. There was no ransom demand, no dark-web listing, and no extortion attempt – a pattern shattered.io has also seen this year in the Atlas Menu breach, where a hacker dumped a cheat-selling service’s user database purely out of personal grievance rather than for profit. Motive-driven, non-monetary breaches are becoming a distinct category worth tracking alongside traditional ransomware and credential-theft operations.

Not a One-Off: Japan’s Emerging Pattern of Teen AI-Assisted Hackers

The Bandai Namco hack is the second widely reported case in roughly eighteen months of Japanese teenagers using ChatGPT-assisted tooling to breach a major platform. In February 2025, Japanese police arrested three male students, ages 14, 15, and 16, who had met through online gaming, on suspicion of fraudulently obtaining phone contracts through Rakuten Mobile’s systems.

According to reporting from Mobile ID World, the group accessed Rakuten Mobile’s systems between May and August 2024. A 16-year-old from Gifu Prefecture wrote the primary program, with ChatGPT used to help build and refine the tooling. Police seized devices containing roughly 3.3 billion sets of IDs and passwords, including about 220,000 records tied directly to Rakuten’s own systems, and found the group had sold at least 2,500 fraudulent contracts for around ¥7.5 million (roughly $50,000) in cryptocurrency – proceeds the students reportedly spent on gaming consoles and online gambling.

Lined up next to each other, the two cases share a striking set of characteristics: male teenage suspects, self-taught programming backgrounds, ChatGPT used to accelerate rather than originate the attack code, and targets that were large, well-resourced Japanese consumer platforms rather than small businesses. Security researchers tracking this space, including analysts at Rapid7 and the Atlantic Council, have both flagged 2026 as the year this pattern moved from theoretical concern to a documented, repeatable one.

Market Impact: What This Means for Bandai Namco

Bandai Namco Holdings is best known to gamers as the publisher behind Tekken, Pac-Man, Dark Souls, Soulcalibur, Ace Combat, Ridge Racer, Digimon, and its stake in the Gundam franchise through subsidiary Sunrise – not as an anime-streaming operator. That’s exactly why this incident matters beyond its immediate scope: Bandai Channel is a comparatively minor product line inside a roughly 11,159-employee global entertainment conglomerate, yet it still produced a six-week outage, a public breach notification, and now an international news cycle.

For a company of Bandai Namco’s size, the direct financial exposure from this incident looks limited – no ransom was paid, no confirmed large-scale data resale has emerged, and the affected service represents a small fraction of a group that also spans toy manufacturing, arcade amusement centers, and its core video game publishing business. The more relevant market signal is about attack surface: large gaming and entertainment groups increasingly operate dozens of loosely related digital properties – companion apps, streaming spinoffs, community sites, loyalty-point systems – and this breach is a reminder that attackers, whether AI-assisted teenagers or organized groups, don’t need to hit the flagship game servers to cause real disruption. They can go after whichever subsidiary has the weakest account-management flow.

That dynamic mirrors what shattered.io found covering the Roblox age-verification rollout earlier this year, where a policy change on the platform’s periphery – not a core-product failure – wiped billions in market value in a matter of days. Peripheral products carry real reputational and operational risk, even when they’re financially minor.

The Bigger Picture: Generative AI Is Lowering the Skill Floor for Cybercrime

The most important detail in the Bandai Namco hack isn’t the account-cancellation vulnerability itself – it’s that a 15-year-old with a partially-working script could recruit a general-purpose chatbot as a coding partner to finish the job. Security researchers have been warning about exactly this shift for most of 2026. The Hacker News labeled 2026 “the year of AI-assisted attacks” earlier this year, and Rapid7’s mid-2026 threat research described a growing “Criminal AI-as-a-Service” underground market that is actively productizing the kind of task ChatGPT performed here, whether or not that was OpenAI’s intent.

The Atlantic Council’s research on this trend makes the mechanism explicit: general-purpose AI models don’t need to be “hacking tools” to be useful to attackers – they just need to be competent general-purpose coding assistants, because most of what separates a curious teenager from a working exploit is the unglamorous, tedious work of writing and debugging code. Remove that bottleneck, and the remaining barrier to entry is knowing roughly what to ask for, which is a much lower bar. Shattered.io has tracked this shift from multiple angles this year, including our reporting on how autonomous AI systems are already conducting the majority of some attack categories and on the security incidents tied to agentic AI deployments inside enterprises.

What makes the Bandai Namco and Rakuten Mobile cases different from those enterprise-focused stories is the attacker profile. This isn’t a nation-state group or a ransomware crew using AI to scale existing operations – it’s minors with no formal training producing real, costly disruption against major consumer platforms. That’s a distinct and, for platform-security teams, arguably more urgent problem: the population of people capable of causing this kind of damage just got dramatically larger, and very little of the existing threat-modeling built around “sophisticated attacker” assumptions accounts for it.

Competitive Comparison: 2025-2026 Gaming-Sector Security Incidents

The Bandai Namco hack joins a busy year for gaming and entertainment platform security. Here’s how it stacks up against other notable incidents shattered.io has covered, plus the Rakuten Mobile case and the industry’s most-referenced historical breach for scale:

IncidentPlatformDisclosedMethodScaleMotive
Bandai Channel breachBandai Namco FilmworksNov 2025 (arrest Jun 2026)ChatGPT-assisted script + IP rotation46,812 accounts canceled; up to 1.36M records exposedCuriosity, per suspect
PSN account takeoversSony / PlayStation NetworkCirculating since Nov 2025, public May 2026Social engineering vs. support desk (no malware)Undisclosed total; multiple public victim casesAccount resale/fraud
Atlas Menu breachAtlas Menu (third-party cheat seller)May 2026Platform hack, DB dumped to GitHub63,926 accounts (per HIBP)Personal retaliation
Rakuten Mobile fraudRakuten Mobile2024 access; Feb 2025 arrestsChatGPT-assisted fraud tooling~220,000 Rakuten-linked records found; 2,500+ fraudulent contractsFinancial fraud
2011 PSN mega-breach (historical)Sony / PlayStation NetworkApril 2011Network intrusion77.1 million accountsData theft

Scale-wise, Bandai Channel sits in the middle of this group – far smaller than the 2011 PSN breach, but larger in exposed-record count than the Atlas Menu incident. What stands out is method: three of the five incidents in this table involve either AI-assisted tooling or a complete absence of traditional malware, underscoring how much attacker tradecraft has shifted away from custom-built exploit kits toward abusing legitimate business logic and general-purpose software.

Historical Context: From a 77-Million-Account Mega-Breach to AI-Assisted Teenagers

Gaming-industry breaches are not new, but the profile of who can cause one has changed dramatically. The industry’s reference point is still the April 2011 Sony PlayStation Network breach, which exposed roughly 77.1 million accounts – usernames, addresses, emails, birthdates, and passwords, with credit card numbers encrypted but other data exposed in plaintext – and forced a 24-day full network outage from April 20 to May 14, 2011. Sony disclosed a direct cost of $171 million tied to that incident, according to Wikipedia’s detailed account of the outage.

That breach required a coordinated intrusion against Sony’s core infrastructure, widely attributed at the time to a skilled external group. Fifteen years later, the Bandai Namco hack didn’t require anything close to that level of organizational capability – a single teenager, working alone, with an AI chatbot as his only real “accomplice,” disrupted a major publisher’s product for six weeks and put over a million records at risk. The scale is smaller, but the skill and resourcing required to cause meaningful damage has collapsed by orders of magnitude, which is arguably the more important long-term data point for anyone modeling future risk.

It’s a trajectory that echoes what shattered.io has documented in the broader breach landscape this year, including the growth in active ransomware groups and the rise of AI-generated malicious open-source packages – different attack categories, but the same underlying story: the tools available to low-resourced or unskilled actors keep getting more capable, faster than most platforms are updating their threat models.

Security Lessons for Game Publishers and Streaming Platforms

Several concrete lessons for platform-security teams fall out of the Bandai Channel incident, independent of the specific vulnerability involved:

  • Rate-limit business-logic endpoints, not just login forms. Account cancellation, subscription changes, and similar “housekeeping” API calls are frequently under-monitored compared to authentication endpoints, even though abusing them at scale can be just as disruptive.
  • Treat rapid, repeated IP rotation as a signal on its own. Thirty IP changes against a single account-management workflow in a short window is an anomaly a basic velocity check should catch, independent of whatever payload is being sent.
  • Assume attacker tooling quality is rising even when attacker skill isn’t. Threat models built around “a sophisticated attacker would need X capability to pull this off” are increasingly unreliable when AI assistants can supply that capability on demand.
  • Audit peripheral products with the same rigor as flagship ones. Bandai Channel is a small piece of Bandai Namco’s business, but it was the piece that got hit – and a breach notice from a niche streaming subsidiary still made international headlines under the parent company’s name.

A simple anomaly-detection check – the kind that would have flagged this specific pattern quickly – doesn’t require sophisticated machine learning, just a sane threshold on a business-critical action:

// Illustrative example only – not Bandai Namco's actual system.
function checkCancellationVelocity(accountActions) {
  const CANCELLATIONS_PER_MINUTE_THRESHOLD = 20;
  const IP_CHANGES_PER_HOUR_THRESHOLD = 5;

  if (accountActions.cancellationsPerMinute > CANCELLATIONS_PER_MINUTE_THRESHOLD) {
    return flagForReview("abnormal cancellation velocity");
  }
  if (accountActions.uniqueSourceIPsPerHour > IP_CHANGES_PER_HOUR_THRESHOLD) {
    return flagForReview("rapid IP rotation on sensitive endpoint");
  }
  return ok();
}

Neither check is exotic. The fact that a pattern this detectable ran for nearly four hours before the platform was taken offline suggests the gap wasn’t sophistication on the attacker’s side – it was monitoring coverage on the defender’s side, which is a far more common and far more fixable problem across the games industry.

What Happens Next: 5 Predictions

Based on how this case and its closest precedent have unfolded so far, here’s what shattered.io expects over the second half of 2026:

  • More minor-perpetrated, AI-assisted breaches will surface. With two documented Japanese cases in eighteen months and free access to capable chatbots effectively universal among teenagers, additional incidents following this template are likely to be publicly reported before the end of 2026.
  • Gaming and entertainment companies will formalize “AI-assisted low-skill attacker” scenarios into incident-response planning, alongside existing ransomware and nation-state playbooks, rather than treating this as a one-off curiosity.
  • Expect scrutiny of whether a 1.36-million-record exposure with “no confirmed misuse” still triggers stricter notification expectations from privacy regulators, particularly for subscribers outside Japan whose data may fall under GDPR-style rules if Bandai Channel has any EU subscriber base.
  • Credential-stuffing attempts against other Bandai Namco-linked services are likely to tick up in the coming months, as opportunistic actors test whether the exposed emails and usernames unlock accounts elsewhere via password reuse.
  • AI providers will face renewed pressure to detect abuse patterns in coding requests that look benign in isolation – “help me finish this account-management script” – but form part of a larger attack when combined with reconnaissance the model never sees.

Frequently Asked Questions

What is Bandai Channel and who owns it?

Bandai Channel is a subscription video-on-demand service for anime and tokusatsu content, operated by Bandai Namco Filmworks, the film and animation production subsidiary of Bandai Namco Holdings – the Japanese conglomerate that also publishes Tekken, Pac-Man, Dark Souls, and Soulcalibur.

How did the 15-year-old hack Bandai Channel?

Police say he found a vulnerability by analyzing network traffic to Bandai Channel’s servers, wrote an initial version of a script to trigger account cancellations, then used ChatGPT to help rewrite and speed up that code in a different programming language. He reportedly changed his IP address around 30 times to evade blocks while the script ran.

How many accounts were affected by the Bandai Namco hack?

46,812 subscriber accounts were automatically canceled during the November 4, 2025 attack. Separately, Bandai Namco says up to 1.36 million items of personal information were potentially accessible, though this reflects theoretical exposure rather than confirmed data theft.

Were passwords or credit card numbers exposed?

No. Bandai Namco has stated that passwords and full credit card numbers were not exposed. The potentially accessible data was limited to email addresses, usernames, Bandai Namco Coin balances, and select payment-related information.

Was the suspect arrested or charged?

Tokyo Metropolitan Police took the suspect into custody in June 2026 on suspicion of violating Japan’s Unauthorized Computer Access Prohibition Act and fraudulent obstruction of business. Because he is a minor, his case is expected to proceed through Japan’s family court system rather than standard adult criminal court.

Is this the first time a Japanese teenager has used ChatGPT in a cyberattack?

No. In February 2025, three teenagers aged 14, 15, and 16 were arrested for using ChatGPT-assisted tooling to fraudulently obtain phone contracts through Rakuten Mobile’s systems, accessing roughly 220,000 Rakuten-linked records and selling over 2,500 fraudulent contracts.

Did Bandai Namco offer compensation to affected users?

Yes. The company has apologized to affected subscribers and offered refunds covering the membership periods disrupted by the six-week service suspension.

What should Bandai Channel users do now?

Anyone who held a Bandai Channel account as of November 2025 should treat their email address and username as exposed. Watch for phishing attempts referencing real account details, avoid reusing that account’s password anywhere else, and enable two-factor authentication on any linked services where it’s available.