The online community SanrioTown.com has suffered a data breach, and as a result 3.3 million user accounts have been left vulnerable. The website is a site for Hello Kitty fans, and as such many of the users are likely children. That didn’t stop someone from accessing the site’s user database and posting it online, though. Several other Hello Kitty websites were targeted, too.
The information comes from Salted Hash, which was informed of the breach by researcher Chris Vickery. The database is said to contain information related to 3.3 million accounts, and is in some way connected with some other Hello Kitty fan sites. Data includes user names and birthdays, email addresses, password hashes, gender, country of origin, and more.
Hello Kitty fans who registered through accounts on the HelloKitty.com Malaysia, Singapore, and Thailand domains, as well as MyMelody.com, are also affected. As well, the report states a pair of backup servers with mirrored data were found exposed.
The database was found published online, though its digital whereabouts are being withheld (and it has likely been taken down at this point). This is the latest hack to leave kids’ vulnerable; in recent weeks, toy maker VTech suffered data breaches with millions of kids and parents’ accounts affected.
SOURCE: Salted Hash