Japanese Teen Arrested for Allegedly Using ChatGPT in Cyberattack That Deleted 46,000 Anime Accounts

 
Japan

A 15-year-old high school student in Japan has been arrested after allegedly using ChatGPT to help create a program that carried out one of the country's most unusual cyberattacks in recent years. According to Japanese police, the teenager exploited a security flaw in the popular anime streaming platform Bandai Channel, resulting in the cancellation of 46,812 user subscriptions and causing major disruption to the service.

The incident has sparked a wider debate about the growing role of artificial intelligence in cybercrime. While AI tools like ChatGPT are designed to assist with learning, coding, writing, and productivity, authorities believe they can also be misused when placed in the wrong hands.

What Happened?

Investigators say the cyberattack took place in November 2025. The teenager allegedly discovered a vulnerability in Bandai Channel's system after analysing its network communications. Using a program that police claim was developed with assistance from ChatGPT, he reportedly sent false requests to the company's servers, automatically cancelling tens of thousands of paid subscriptions.

The attack forced Bandai Namco Filmworks, which operates the streaming platform, to temporarily suspend its services while engineers repaired the affected systems and restored customer accounts. The disruption lasted for several weeks before normal operations resumed.

How ChatGPT Was Allegedly Used

Police have clarified that ChatGPT was not responsible for the attack itself. Instead, investigators allege the teenager used the AI chatbot to assist in writing or refining parts of the malicious program that automated the attack.

Reports suggest the student admitted using ChatGPT because it helped him complete the program in another programming language, making the process faster. Authorities say the attack was ultimately carried out by software the teenager controlled.

Self-Taught Programmer

The suspect reportedly told investigators that he began learning computer programming while still in elementary school and taught himself through online resources. Police believe he was able to identify weaknesses in the streaming platform's security without receiving formal cybersecurity training.

Investigators also allege that after the company blocked his access, he repeatedly changed his IP address to continue carrying out unauthorised actions until the breach was fully contained.

Bigger Questions About AI and Cybersecurity

The case has renewed concerns about how generative AI can lower the barrier for people with technical knowledge to develop software more quickly. Cybersecurity experts stress that AI tools themselves are not inherently dangerous, but they can accelerate both legitimate programming and malicious activities if misused.

The incident also highlights the importance of strong cybersecurity practices. Investigators believe the teenager was able to exploit an existing vulnerability in the platform's systems. Security professionals argue that better authentication, stricter server-side validation, and regular vulnerability testing remain the most effective defence against such attacks.

The Investigation Continues

Japanese authorities have arrested the teenager on suspicion of obstructing business through the cyberattack. Police are continuing to investigate whether any user information was misused beyond the cancellation of subscriptions.

The case is being closely watched around the world because it combines two major issues shaping the future of technology: the rapid rise of generative AI and the increasing sophistication of cybercrime involving young, self-taught programmers.

Tags

Share this story

More on this story

Latest News

Must Read

Don't Miss