Hello Kitty hack threat eyed in Privacy Commissioner probe
Fan website’s exposure of user details to risk of theft left 3.3 million accounts vulnerable
Hong Kong’s privacy watchdog has launched an investigation into security breaches of Hello Kitty’s fan website that could have led to the exposure of the personal data of more than three million fans.
In a public statement, Privacy Commissioner for Personal Data Stephen Wong said the incident might involve children’s personal information.
His warning came after Sanrio Digital, part-owned by Sanrio Co Ltd, the Japanese owner of the Hello Kitty brand, announced that the personal data of about 3.3 million members of SanrioTown website was publicly accessible, but that no data was accessed.
The personal information that was accessible included the names, email addresses, birth dates and encrypted passwords, but credit card or other payment information was not included, according to the Office of the Privacy Commissioner for Personal Data.
“As the targets of these websites are children, I appeal to the parents that in responding to the risks arising from new technology, they should learn and discuss with their children the smart use of technologies and their related risks,” said Wong.
Sanrio Digital said in a statement on Tuesday that “at this time we have no indication that any personal information was stolen.”