Masress : 'Hello Kitty' fan site exposed, but no data stolen-web host

Egypt prepares governmental talks with Germany to boost economic cooperation Prometeon showcases Egypt as strategic hub in regional growth plan at MEA Industry 2025 Egypt, US's Merit explore local production of medical supplies, export expansion Egypt, WHO discuss joint plans to support crisis-affected health sectors Government to channel major share of Qatar deal proceeds toward debt reduction: Finance Minister Grand Egyptian Museum fuels hospitality, real estate expansion in West Cairo 400 children with disabilities take part in 'Their Right to Joy' marathon Egypt's gold reserves surges to $16.55b in October – CBE Egypt's MSMEDA helps 18,000 SMEs win EGP 1.25b in state contracts Egypt's Foreign Minister discusses Gaza, Sudan with Russian counterpart Iraq's PM says holding elections on schedule is a 'major event' for the state Russia's Putin appoints new deputy defence minister in security shake-up UNESCO General Conference elects Egypt's El-Enany, first Arab to lead body Egypt repatriates 36 smuggled ancient artefacts from the US Grand Egyptian Museum attracts 18k visitors on first public opening day 'Royalty on the Nile': Grand Ball of Monte-Carlo comes to Cairo Egypt, Albania discuss expanding healthcare cooperation VS-FILM Festival for Very Short Films Ignites El Sokhna Egypt's cultural palaces authority launches nationwide arts and culture events Egypt launches Red Sea Open to boost tourism, international profile Qatar to activate Egypt investment package with Matrouh deal in days: Cabinet Hungary, Egypt strengthen ties as Orbán anticipates Sisi's 2026 visit Egypt's PM pledges support for Lebanon, condemns Israeli strikes in the south Omar Hisham Talaat: Media partnership with 'On Sports' key to promoting Egyptian golf tourism Egypt, Medipha sign MoU to expand pharmaceutical compounding, therapeutic nutrition Egypt establishes high-level committee, insurance fund to address medical errors Sisi expands national support fund to include diplomats who died on duty Madinaty Golf Club to host 104th Egyptian Open Egypt's PM reviews efforts to remove Nile River encroachments Al-Sisi: Cairo to host Gaza reconstruction conference in November Egypt will never relinquish historical Nile water rights, PM says Al-Sisi, Burhan discuss efforts to end Sudan war, address Nile Dam dispute in Cairo talks Syria releases preliminary results of first post-Assad parliament vote Egypt resolves dispute between top African sports bodies ahead of 2027 African Games Germany among EU's priciest labour markets – official data Paris Olympic gold '24 medals hit record value It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game Russia says it's in sync with US, China, Pakistan on Taliban Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights Sudan says countries must cooperate on vaccines Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19 Egypt to tax bloggers, YouTubers Egypt's FM asserts importance of stability in Libya, holding elections as scheduled We mustn't lose touch: Muller after Bayern win in Bundesliga Egypt records 36 new deaths from Covid-19, highest since mid June Egypt sells $3 bln US-dollar dominated eurobonds Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform

Thank you for reporting!

This image will be automatically disabled when it gets reported by several people.

'Hello Kitty' fan site exposed, but no data stolen-web host

Reuters Published in Ahram Online on 22 - 12 - 2015

More than three million accounts of Hello Kitty fans were left vulnerable to theft by hackers, but there is no evidence any data has been stolen, the Hong Kong-based company hosting the data said on Tuesday.
A spokesman for Sanrio Digital, part-owned by Sanrio Co Ltd , the Japanese owner of the Hello Kitty brand, said it had fixed the hole after being notified by security researcher Chris Vickery that personal information of its users was accessible.
Vickery told Reuters by e-mail that the company had plugged the holes he had found in three servers. But he said the database had been exposed for nearly a month, meaning that anyone who knew its internet address could have accessed it.
"It would have been extremely easy for a bad guy to take the data," he said. "Extremely easy. Almost as easy as downloading a web page."
Sanrio Digital said in a statement that "at this time we have no indication that any personal information was stolen."
The spokesman said 3.3 million accounts had been vulnerable, including the names, ages and gender of fans. He said that the accounts all belonged to users of the SanrioTown.com website, a community for fans of Hello Kitty.
No credit card or other payment information was included in the vulnerable data, and passwords "were securely encrypted," according to the statement.
The spokesman said while the company technically doesn't allow minors to sign up, this was implemented through an honour system, meaning that those younger than 13 could register by lying about their age.
News of the hole in the Sanrio Digital-hosted site follows last month's breach of another Hong Kong company, electronic toymaker VTech Holdings Ltd. Millions of records of parents and children were compromised.
In that case the hacker who found the vulnerability stole the data but shared some of it with a researcher and was reported as saying he had no plans to sell it. UK police arrested a 21-year old man last week in connection with the hack.
U.S.-based Vickery, who explores security vulnerabilities in his spare time and reports them to the affected companies, said the hole in the Hello Kitty site was the result of a simple misconfiguration of a database, leaving it open to public access without a password or authentication.
He said he had found thousands of similar vulnerabilities simply by searching an online database of connected devices.
http://english.ahram.org.eg/News/175158.aspx

Clic here to read the story from its source.