Slashdot Mirror

← Back to Stories (view on slashdot.org)

Database Leak Exposes 3.3 Million Hello Kitty Fans (csoonline.com)

Posted by samzenpus on from the herding-kitties dept.

itwbennett writes: "A database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters, has been discovered online by researcher Chris Vickery," writes CSO's Steve Ragan, who was contacted about the leak Saturday evening. The database houses 3.3 million accounts containing records including first and last names, email addresses, unsalted SHA-1 password hashes, password hint questions and their corresponding answers, along with other information. The database also has ties to a number of other Hello Kitty portals.

14 of 92 comments (clear)

  1. Super Happy Security Breach Error Get! by carlhaagen · · Score: 5, Funny

    =(^.^)= Kawaiiiii!

    1. Re:Super Happy Security Breach Error Get! by Anonymous Coward · · Score: 2, Funny

      This is horrible! I'd rather have my Grindr account exposed! Oy! Whatta meesa sayin'?

  2. The question is by phantomfive · · Score: 2

    What website is there with security that can't be penetrated?
    Don't consider things online to be safe.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:The question is by Anonymous Coward · · Score: 5, Funny

      What website is there with security that can't be penetrated?

      I pen-tested a website for a celibacy group and didn't find any holes.

    2. Re:The question is by TWX · · Score: 4, Funny

      What website is there with security that can't be penetrated?

      I pen-tested a website for a celibacy group and didn't find any holes.

      Funny that, I penetration-tested a celibacy group and ultimately the group lost all of its membership...

      --
      Do not look into laser with remaining eye.
    3. Re:The question is by ls671 · · Score: 2

      It isn't a virgin group, we are just libertarians.

      John Redcap
      Celibacy group president.

      --
      Everything I write is lies, read between the lines.
  3. Less shocking than Hello Kitty not being a cat by buchner.johannes · · Score: 3, Interesting

    This is the first leak I have seen where the password hint questions are leaked too. Will be interesting to see how users in the real world link passwords and password hints, and if algorithms can be developed to uncover 99% of all passwords/answers from password hints -- I presume many password hints contain the answer or substantial parts of it (e.g. "pass + 123" = "pass123").

    --
    NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
  4. Slashdotters live in terror... by 93+Escort+Wagon · · Score: 3, Funny

    ... that their secret may now come out. Oh, well, it could be worse - it could've been a My Little Ponies site.

    --
    #DeleteChrome
    1. Re:Slashdotters live in terror... by R3d+M3rcury · · Score: 5, Funny

      I was just going to say, hackers will be taking a page out of Ashley Madison:

      "If you don't want your friends to know of your 'Hello Kitty' purchases, transfer $10,000 to this account in the Bahamas..."

    2. Re:Slashdotters live in terror... by Bite+The+Pillow · · Score: 2

      You left out the account number. Please reply ASAP.

      Posting anon for obvious reasons.

  5. I have a great idea! by Anonymous Coward · · Score: 5, Insightful

    Step 1. Lay off the sysadmin, the DBA, the network admin, and the developer

    Step 2. Hire a "full stack developer" and pay him one below-market salary to do 4 peoples' jobs at once

    Step 3. ???

    Step 4: PROFIT!!!

  6. This time ISIS has gone TOO FAR!!! by Anonymous Coward · · Score: 2, Funny

    Quick Lil'Joe...to the Pentagon!

  7. 1,2,3 New round of blackmail as list may be posted by bagboy · · Score: 2

    Maybe you lucked out from the Ashley Madison fiasco, but if your name is on this list, exposure may cost you more than you know.

  8. Could someone expose the Slashdot user database ? by LordHighExecutioner · · Score: 3, Funny

    I am so curious to learn who is behind the user name "Anonymous Coward". He is such a prolific, sleepless contributor...