While it is likely that no major impacts were experienced, the toy maker for the “Hello Kitty” brand reported an exposure that made access to over 3 million accounts potentially available.  This is documented below:


Japanese toy vendor Sanrio, owner of the popular Hello Kitty brand, is admitting to a security vulnerability on its SanrioTown.com community Website. The vulnerability has already been patched, and there is no public evidence that private user information has been publicly posted.

“On Dec. 19, it was revealed through outside sources that personal information such as names, date of birth, gender and other information belonging to SanrioTown.com members was accessible if you knew the address of the vulnerable servers,” Sanrio stated in a release on Dec. 22. “The vulnerable data did not include credit card information or other payment information and passwords were securely encrypted.”  The outside sources include a report that alleged that 3.3 million Hello Kitty fans were exposed by a database leak.