3.3M Hello Kitty fans exposed in database hack
A database for Sanriotown.com, an online community for Hello Kitty fans, has been breached, exposing the personal information of 3.3 million users, security bloggers report.
{mosads} The exposed information includes users’ first and last names, birthdates, genders, countries of origin and email addresses, as well as lightly protected passwords.
The database was discovered online by researcher Chris Vickery, who contacted the security blog Salted Hash over the weekend.
Sanrio, which owns the popular character, has not publicly responded to the allegations of a breach.
If confirmed, the breach of the popular global brand would be the second major breach this winter impacting a child-focused product.
In November, a hack on the digital toymaker VTech exposed the names, gender and birthdates for more than 6 million children. Five million parent accounts were also exposed in the intrusion, compromising mailing and email addresses, security questions used for password resets, IP addresses, passwords and download histories.
Security experts who have reviewed the data say the stolen information on children can be linked with their parents’ data, thereby revealing the kids’ full addresses and other information.
Salted Hash has contacted Sanrio to inform it of the alleged breach.
“The Hello Kitty brand is highly popular the world over, to kids and adults, so the immediate concern is that the database might contain the personal information of children,” writes security blogger Steve Ragan.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..