Hello Kitty Cyber Attack Affects 3.3 Million Users
Sanrio Digital made the announcement on December 22. They said the vulnerability has been corrected and investigations are underway.
Information that may have been available includes:
- First and last name
- Birthday (encoded)
- Email address
- Password (encrypted using SHA-1 hashes)
- Password hint questions
The vulnerable data did not include credit card information or other payment information.
Sanrio Digital also announced, "We are conducting an internal investigation and security review into this incident; at this time we have no indication that users’ personal information was stolen by malicious parties."