Hello Kitty tackles child information leak

Hello Kitty fan eventImage copyright

Image caption

Data about millions of Hello Kitty fans was permitted since servers were mis-configured

A confidence loophole on a Hello Kitty website that unprotected millions of people’s personal information has been “corrected” says a brand’s owner.

Earlier this week a mechanism confidence researcher suggested that information about 3.3 million Sanrio Town members was accessible.

The Japanese organisation Sanrio, that owns Hello Kitty and runs Sanrio Town, pronounced it had now sealed a loophole.

It combined that no information about Hello Kitty fans had been stolen.

“We investigated a problem and practical fixes, including securing a servers identified as vulnerable,” pronounced Sanrio in an advisory posted on a site.

It combined that usually personal information, including names, email residence and encrypted passwords, had been accessible to those who knew where to find a servers.

Information on some-more than 180,000 children was in this cache. No credit label or remuneration information was hold on a unprotected servers.

Sanrio combined that it was conducting an inner examination and examination to find out because a servers were mis-configured so they could be accessed.

“At this time we have no denote that users’ personal information was stolen by antagonistic parties,” pronounced an advisory note.

Even so, Sanrio has sent messages to Sanriotown members advising them to change a cue they used to entrance a site and to change any other on that they used a same fibre of characters.

Chris Vickery, a researcher who unclosed a entrance to a data, doubtful Sanrio’s explain that membership information had not been accessed.

He pronounced he used many opposite net addresses to entrance a information and endorse it was vulnerable.

Sanrio is a latest in a flourishing list of firms that have unsuccessful to strengthen patron data.

Over a final few months information about users of VTech, TalkTalk and Ashley Madison have been unprotected online.