INFRA
INFRA
INFRA
Goodbye security: Hello Kitty hack confirmed as database published online
A database from Sanrio Co. Ltd., the company behind Hello Kitty, has been published online for the first time, proving once and for all that the company was hacked.
News of the hacking emerged in December 2015, when a copy of the database was alleged to have been found on the dark web by security researcher Chris Vickery. It included first and last names, birthday, gender, country of origin, email addresses, non-randomized SHA-1 password hashes, password hint questions, their corresponding answers and other data points — in short, a lot of valuable data. Users were advised to change their passwords, but Sanrio denied that any data had been stolen at the time.
Any question about the veracity of the hack has now been answered with leak search engine LeakedSource having added the Hello Kitty database to its service last weekend. The database is said to include 3.3 million records from sanriotown.com including 186,261 Hello Kitty fans who are younger than 18. Fortunately, the published record has been stripped of anything but personal details, with other data being removed. Strangely, though, the data on LeakedSource now includes the field “incomeRange” next to every user with values running from 0 to 150, although it isn’t clear what those numbers actually mean.
“As was the case previously, the fear is that the exposed database could cause problems for those registered, especially the children,” Steve Ragan, who first noted the dump on LeakedSource, wrote at Salted Hash. “It’s hard enough to deal with ID theft related issues as an adult. Such issues are only compounded for children, as the problems might not materialize for several years.”
As SiliconANGLE wrote at the time the story originally broke, the Hello Kitty hack, along with the hack of smart toymaker VTech before it, may be indicative of a disturbing shift by bad actors to target children. Before, they had primarily targeted services frequented by adults.
It may be somewhat flippant to quote the famous line from “The Simpsons,” “Won’t someone think of the children?” but in this case it seems apt. Anyone who has created a Sanrio Hello Kitty account and hasn’t changed the password yet should do so now.
Image credit: ekstra/Flickr/CC by 2.0
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
