Hello Kitty Hack: Data Of 3.3 Million Fans Leaked

Hello Kitty Hack: Data Of 3.3 Million Fans Leaked
Hello Kitty at Sunset 13020 Ted Eytan / Flickr CC BY-SA 2.0

Personal information of almost 3.3 million Hello Kitty fans and other Sanrio products could have been exposed to hackers for a month.


Reports security researcher, Chris Vickery, told security news website CSO that he found a leaked database of 3.3 million accounts of Sanriotown.com and other Sanrio-owned websites like hellokitty.com, mymelody.com, and Sanriotown.com. The compromised data could include first and last names, locations and passwords of fans of Hello Kitty. Majority of the affected users are expected to be children.

A Sanrio spokesperson said in a written statement to Wired that “the alleged security breach of the SanrioTown site is currently under investigation. Information will be made available once confirmed.”

In November, data of as many as 11 million users was pulled from the gadget maker Vtech. According to the company, as many as 6.4 million of these were kids. The hacker in this case later revealed that their intent was to bring to the fore Vtech’s insecurity. The breached data also included pictures and videos.

Like us on Facebook

In a letter to NBC News, Vickery said that he found the breached database through Shodan, a search engine that indexes public devices and servers. He wrote in the letter that Sanrio data was “very easily accessed. Very easily queried.” He added that Shodan first listed it on November 22, which could mean that the data was open for hackers for at least a month.

The data of users who believe their accounts have been hacked are advised to change their passwords and password hints on other websites.