Sanriotown.com, the official Hello Kitty online fan community, has been breached, exposing the information of 3.3 millions users. Accounts registered through other fan portals — hellokitty.com; hellokitty.com.sg; hellokitty.com.my; hellokitty.in.th; and mymelody.com — have also been impacted by the leak. The data breach was discovered by researcher Chris Vickery, and according to security website CSO, it reveals “first and last names, birthday […] gender, country of origin, email addresses, unsalted SHA-1 password hashes, password hint questions, their corresponding answers, and other data points that appear to be website related.”
The Hello Kitty brand, which was created by Japanese illustrator Yuko Shimizu, is beloved worldwide by fans of all ages and genders. But the primary concern is that the breach will expose the private information of children. Users have been advised to change their login credentials immediately.
Read more at CSO.