Hello Kitty may be cuddly on the outside, but it’s also been exposed as being vulnerable at its core.
The brand’s online customers have been left open to theft by hackers.
Although the problem has now been rectified, the database was exposed for almost a month.
Sanrio Digital, which is part-owned by Japanese company Sanrio — the owner of Hello Kitty — says there is no evidence of theft of data.
However, Chris Vickery, the security researcher who discovered the issue, said he’d found records online which exposed a number of pieces of personal information about some 3.3 million Sanrio users. It is not yet clear whether financial information was among the leaked data.
It’s the second such breach in recent weeks. A hacker who last month (November) pulled information on over 11 million users registered with gadget-maker VTech reportedly said it was an exercise to demonstrate the company’s online insecurity.