Posted on 12/20/2015 7:36:17 PM PST by Utilizer
Personal data belonging to the accounts of 3.3m Hello Kitty fans is available to download online - and much of it probably belongs to children. The database for sanriotown.com, the official online home of Hello Kitty and a large cast of other Sanrio characters, is easily accessible according to online security researcher Chris Vickery.
This means that sensitive information including users' real names, email addresses, account passwords, genders, birthdays and country of origin is all exposed, or encoded in easy-to-crack form.
Hello Kitty is popular amongst both adults and children, and internet security experts are warning parents to make sure kids' passwords are changed immediately - particularly if they use them for other sites. Adult users are also advised to completely abandon their own use of the compromised password, as it is a relatively easy task for hackers to cross-reference accounts on different sites which share passwords.
Massive data breach
Vickery, who found the leak on Saturday, says that Sanrio has been notified alongside the ISP being used to host the database. It is believed that the data was first exposed on 22 November 2015. Vickery has not published the whereabouts of the data in order to help prevent the leak from spreading. No further comment was immediately available.
Accounts registered to other sites associated with sanriotown.com are also affected by this leak, including hellokitty.com; hellokitty.com.sg; hellokitty.com.my; hellokitty.in.th; and mymelody.com.
(Excerpt) Read more at ibtimes.co.uk ...
You are warned. :) All your secrets are belong to us!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.