Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Customer Data / Hello Kitty Hack Exposes 3.3M Users
Hello Kitty Breach May Have Leaked 3.3 Million User Accounts
Hello Kitty Breach May Have Leaked 3.3 Million User Accounts
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
22
2015
On the heels of the VTech hack, another kid-oriented brand has been breached. Hello Kitty is the victim of a cyberattack. Sanriotown.com, the online community where kids interact with the ever-popular Hello Kitty brand through blogs, games, quiz centers and more, suffered a database breach, according to Internet security research Chris Vickery.

Vickery is the same researcher who recently discovered the MacKeeper software breach. That security event leaked over 13 million credentials. The Hello Kitty breach is less severe, possibly compromising about 3.3 million user accounts.

"The alleged security breach of the SanrioTown site is currently under investigation,” the company said in a published statement. “Information will be made available once confirmed."

Mitigating Impacts

We caught up with Tim Erlin, director of IT security and risk strategy at advanced threat detection firm Tripwire, to get his thoughts on the breach. He told us every time you enter information into a field on a Web page and click submit, that data is transmitted and stored, and could be exposed at some point in the future.

“Your identity is valuable, and the pieces of it that an organization collects are worth stealing,” Erlin said. “We don’t yet know whether this data was exposed through negligence, malicious activity, or some other means.”

Erlin described it as much like seeing an abandoned Relevant Products/Services crash on the side of the road; something bad clearly happened, but what it was remains a mystery.

“With an appropriate response, Sanrio is unlikely to experience significant damage from this incident,” Erlin said. “Companies that plan for a breach, and design a response ahead of time, can mitigate the most serious possible impacts and reduce the cost of the breach.”

Handling Kids’ Info

Chinese electronic toy maker VTech was hacked in November, revealing the profiles of 6.4 million kids around the world, along with 4.9 million parent accounts. The database of the company’s Learning Lodge app store, which allows customers to download apps, e-books and learning games, was breached on November 14 HKT (Hong Kong Time).

VTech makes a wide variety of children's toys, including the VTech Tote 'n Go Laptop, pictured above. The company's customer database holds a slew of user profile information. The personal identifiers mentioned in the company’s report include names, e-mail addresses, passwords, secret questions and answers for password retrieval, IP addresses, mailing addresses and download histories. The database also contains kids’ information, including names, genders and birth dates.

"There are specific controls [by law] that must be adhered to in collecting and using children’s data, and several companies have been fined to date for non-compliance,” Mark Bower, global director of product management at HP Enterprise Data Security, told us previously. “Breach of children’s data in itself has many serious risks, as you could imagine, and anyone collecting such data must take steps to protect it from advanced attacks as in this case.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CUSTOMER DATA

NETWORK SECURITY SPOTLIGHT
Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.