A 15-year-old student in Japan has been arrested after authorities accused him of using ChatGPT to help develop software that enabled a large-scale cyberattack against Bandai Namco Filmworks’ anime streaming platform, Bandai Channel. Investigators allege that the teenager exploited a security vulnerability in the platform, allowing him to automate unauthorized access to thousands of user accounts and trigger the cancellation of more than 46,000 subscriptions.
The incident disrupted the streaming service for weeks, forced the company to temporarily suspend parts of its operations, and prompted an extensive investigation by Japanese authorities. While the teenager reportedly admitted to creating the software and acknowledged using ChatGPT to assist with parts of the programming process, investigators have emphasized that the criminal allegations relate to the unauthorized cyberattack rather than the use of artificial intelligence itself. The case has drawn widespread attention because it highlights how AI-powered coding tools can be misused when combined with security vulnerabilities and malicious intent.
Authorities Say Teen Exploited Platform Vulnerability Using AI-Assisted Programming
According to reports citing the Tokyo Metropolitan Police, the alleged cyberattack took place in November 2025, when the teenager was still a junior high school student. Investigators claim he identified a weakness within Bandai Channel’s systems and developed software capable of exploiting that vulnerability. Police allege that on November 4, 2025, he sent fraudulent commands to the company’s servers, initiating a process that automatically cancelled tens of thousands of user subscriptions. Authorities estimate that a total of 46,812 accounts were affected during the incident, making it one of the most significant disruptions experienced by the anime streaming platform.
During questioning, the teenager reportedly admitted that he created the source code responsible for processing the account withdrawals. However, he also explained that the original program was running too slowly, prompting him to seek assistance from ChatGPT. According to investigators, he stated that he asked the AI chatbot for help rewriting the program in a different programming language, enabling him to complete the software more efficiently. His reported statement has attracted considerable public attention because it illustrates how generative AI tools can assist with coding tasks, although authorities have stressed that the software itself was ultimately used to carry out an illegal cyberattack.
Police allege that after exploiting the vulnerability, the teenager gained unauthorized access to member account information and used automated commands to cancel thousands of subscriptions without the account holders’ permission. Rather than manually accessing individual accounts, investigators believe the software streamlined the process, enabling widespread disruption within a relatively short period. The incident affected Bandai Channel’s ability to provide uninterrupted service, forcing the company to respond quickly in an effort to contain the damage and restore normal operations.
Authorities further allege that the teenager continued attempting to access the company’s systems even after Bandai Namco Filmworks introduced measures designed to block him. Investigators claim he repeatedly changed his IP address—approximately 30 times—to continue sending malicious commands after initial countermeasures had been implemented. This alleged effort to bypass security restrictions has become an important aspect of the investigation, as prosecutors seek to establish that the actions were deliberate and sustained rather than isolated or accidental.
Read : 10 Things That Separate Asian Nations from European and American Nations
The case has also drawn attention because of the suspect’s age and programming background. According to investigators, the teenager told police that he began using computers while in the fourth grade and largely taught himself programming through independent study. Authorities stated that despite his young age, he had developed sufficient technical knowledge to identify weaknesses in online systems and create software capable of exploiting them. His reported experience has raised broader discussions about the accessibility of programming education and the importance of ethical cybersecurity practices for young technology enthusiasts.
Bandai Namco Filmworks Faced Weeks of Service Disruption Following the Attack
The alleged cyberattack had significant operational consequences for Bandai Namco Filmworks and its Bandai Channel streaming platform. According to investigators, the unauthorized commands sent to the company’s servers caused widespread account cancellations beginning on November 4, with users discovering that their memberships had unexpectedly been terminated. The disruption escalated over the following days, and by November 6, the company was dealing with major service interruptions that affected its ability to operate normally.
Bandai Namco Filmworks reportedly spent several weeks investigating the incident, repairing affected systems, and strengthening security measures before full operations resumed in December 2025. During this period, portions of the streaming service were temporarily suspended while engineers worked to identify the vulnerability that had allegedly been exploited. The company subsequently reported the incident to police, triggering the criminal investigation that ultimately led to the teenager’s arrest.
Read : 18-Year-Old College Student Drowns in River Wye During Duke of Edinburgh’s Award Trip to Wales
Following the breach, Bandai Namco Filmworks contacted affected customers individually to explain the situation and provide guidance regarding their accounts. Users whose subscriptions had been cancelled during the attack were instructed to register again in order to regain access to the streaming platform. The company also announced that customers would receive refunds for subscription fees charged during the period when services were disrupted, acknowledging the inconvenience experienced by thousands of subscribers.

The company additionally warned customers to remain alert for phishing attempts and fraudulent emails that could emerge following the security incident. Whenever customer information is involved in a cyberattack, there is often concern that attackers may attempt to exploit confusion by sending deceptive messages pretending to come from legitimate companies. Although Bandai Namco Filmworks informed users to exercise caution, it also stated that there was no evidence indicating that any leaked customer data had been published online or otherwise misused.
In its public response, Bandai Namco Filmworks emphasized that it viewed the incident with the utmost seriousness. The company stated that it would continue conducting regular security inspections while implementing additional safeguards designed to prevent similar attacks in the future. Such measures typically include reviewing system vulnerabilities, improving monitoring capabilities, and strengthening authentication procedures to reduce the likelihood of unauthorized access.
The lengthy recovery period demonstrated how even a single exploited vulnerability can significantly disrupt online services used by thousands of customers. Beyond the immediate inconvenience caused by cancelled subscriptions, companies experiencing cyberattacks often face substantial technical, financial, and reputational challenges while restoring trust among their users. The Bandai Channel incident illustrates the broader risks faced by digital platforms as cybercriminals increasingly target weaknesses in online systems.
Case Highlights Concerns Over AI Tools and the Importance of Responsible Cybersecurity
Although ChatGPT has become one of the most discussed aspects of this case, investigators have not suggested that the AI tool itself carried out the attack. Instead, authorities allege that the teenager used ChatGPT as an assistant while writing portions of the software before independently deploying the program during the alleged cyberattack. His reported statement that he requested assistance because the original program was taking too long has become a focal point in public discussions surrounding artificial intelligence and programming.
Generative AI systems are increasingly used by students, software developers, businesses, and researchers to explain programming concepts, troubleshoot code, and assist with software development. These tools can improve productivity by helping users understand unfamiliar programming languages or suggesting alternative coding approaches. However, cybersecurity experts have repeatedly warned that like many technologies, AI tools can also be misused if individuals choose to employ them for unlawful activities. The responsibility for criminal conduct ultimately rests with those who intentionally use technology to commit offenses rather than with the technology itself.

Japanese authorities have charged the teenager with fraudulent obstruction of business, reflecting allegations that his actions intentionally interfered with the company’s operations. Investigators also noted that this was not the first time the suspect had come to the attention of law enforcement. According to reports, he had already been arrested in June this year in connection with other computer-related offenses, a detail that may become relevant as legal proceedings continue.
During questioning, the teenager reportedly denied having any personal grievance against Bandai Namco Filmworks. Instead, investigators said he explained that he selected the platform simply because “there were many accounts I could log into.” He also reportedly stated that he had “happened to be able to access the information” and insisted that he held no hostility toward the company. Authorities continue examining those statements alongside the technical evidence gathered during their investigation.
The case serves as another reminder that organizations operating online platforms must continually review and strengthen cybersecurity defenses as digital threats continue evolving. Attackers frequently search for overlooked vulnerabilities that can be exploited through automated software, making regular security testing and rapid patching essential components of modern cybersecurity strategies.
At the same time, educational institutions, technology companies, and governments continue emphasizing the importance of ethical computer education, encouraging young programmers to use their technical abilities for defensive research, innovation, and legitimate software development rather than unauthorized system access. As legal proceedings move forward, the incident is likely to remain part of broader discussions about artificial intelligence, cybersecurity, and digital responsibility.
While AI-assisted coding tools continue transforming software development by making programming more accessible and efficient, the allegations in this case demonstrate that these technologies, like many others, can be abused when combined with malicious intent and exploitable security weaknesses. For companies managing online services, the Bandai Channel incident underscores the need for constant vigilance, robust security infrastructure, and rapid incident response, while also reinforcing that AI itself is a tool whose impact depends entirely on how it is used.