We've warned you about the security issues that were recently discovered with the Hello Barbie doll, and the data breaches at a major hotel line and with Target's wish list app. As you might have noticed, it's been a rough holiday season when it comes to security. And now there's another data breach that all parents need to be aware of.
SanrioTown.com, a popular online community for the iconic brand Hello Kitty, was recently discovered to have leaked the private information of its users. The breach includes personal details, such as full names, dates of birth, email addresses and even the answers to users' security questions and forgotten passwords.
The breach was discovered by Chris Vickery, an online researcher who found the exposed database that contained information on more than 3 million people. Vickery also discovered that additional sites were impacted by the leak. These include affiliate sites: hellokitty.com; hellokitty.com.sg; hellokitty.com.my; hellokitty.in.th; and mymelody.com. Two backup servers were also found containing the information.
After finding the databases, Vickery notified Salted Hash and Databreaches.net to begin the process of warning parents of the potential risks. Of course, the most pressing concern for parents is that the exposed information might include details about their children. Sanrio has been contacted and asked to disclose if this database contained details on any minors, but the company has not yet responded.
If you are a user of any of these sites, we recommend that you update your passwords immediately. Also, be sure that you're not using the same password and answers to the security questions for multiple sites. As an additional precaution, be on the lookout for scams. Watch for phishing scams, phone scams and suspicious mail, and monitor your bank accounts closely, since hackers can use this information to find even more details on you.