Egyptian public, private sectors off on Apr 25 marking Sinai Liberation    Egypt's SCZONE welcomes Zhejiang Province delegation for trade talks    Beltone Venture Capital partners with Citadel International to manage $30m startup fund    S. Africa to use contingency reserves to tackle debt    Gaza health authorities urge action for cancer, chronic disease patients    Transport Minister discusses progress on supplying new railway carriages with Hungarian company    Egypt's local gold prices see minor rise on April 18th    Expired US license impacts Venezuela crude exports    Taiwan's TSMC profit ups in Q1    Yen Rises, dollar retreats as G7 eyes currency calm    Egypt, Bahrain vow joint action to end Gaza crisis    Egypt looks forward to mobilising sustainable finance for Africa's public health: Finance Minister    Egypt's Ministry of Health initiates 90 free medical convoys    Egypt, Serbia leaders vow to bolster ties, discuss Mideast, Ukraine crises    Singapore leads $5b initiative for Asian climate projects    Karim Gabr inaugurates 7th International Conference of BUE's Faculty of Media    EU pledges €3.5b for oceans, environment    Egypt forms supreme committee to revive historic Ahl Al-Bayt Trail    Debt swaps could unlock $100b for climate action    Acts of goodness: Transforming companies, people, communities    Eid in Egypt: A Journey through Time and Tradition    President Al-Sisi embarks on new term with pledge for prosperity, democratic evolution    Amal Al Ghad Magazine congratulates President Sisi on new office term    Tourism Minister inspects Grand Egyptian Museum, Giza Pyramids    Egypt's healthcare sector burgeoning with opportunities for investors – minister    Egypt starts construction of groundwater drinking water stations in South Sudan    Russians in Egypt vote in Presidential Election    Egyptian, Japanese Judo communities celebrate new coach at Tokyo's Embassy in Cairo    Uppingham Cairo and Rafa Nadal Academy Unite to Elevate Sports Education in Egypt with the Introduction of the "Rafa Nadal Tennis Program"    Egypt's powerhouse 'The Tank' Hamed Khallaf secures back-to-back gold at World Cup Weightlifting Championship"    Financial literacy becomes extremely important – EGX official    Euro area annual inflation up to 2.9% – Eurostat    Egypt builds 8 groundwater stations in S. Sudan    BYD، Brazil's Sigma Lithium JV likely    UNESCO celebrates World Arabic Language Day    Motaz Azaiza mural in Manchester tribute to Palestinian journalists    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



'Hello Kitty' fan site exposed, but no data stolen-web host
Reuters Published in Ahram Online on 22 - 12 - 2015

More than three million accounts of Hello Kitty fans were left vulnerable to theft by hackers, but there is no evidence any data has been stolen, the Hong Kong-based company hosting the data said on Tuesday.
A spokesman for Sanrio Digital, part-owned by Sanrio Co Ltd , the Japanese owner of the Hello Kitty brand, said it had fixed the hole after being notified by security researcher Chris Vickery that personal information of its users was accessible.
Vickery told Reuters by e-mail that the company had plugged the holes he had found in three servers. But he said the database had been exposed for nearly a month, meaning that anyone who knew its internet address could have accessed it.
"It would have been extremely easy for a bad guy to take the data," he said. "Extremely easy. Almost as easy as downloading a web page."
Sanrio Digital said in a statement that "at this time we have no indication that any personal information was stolen."
The spokesman said 3.3 million accounts had been vulnerable, including the names, ages and gender of fans. He said that the accounts all belonged to users of the SanrioTown.com website, a community for fans of Hello Kitty.
No credit card or other payment information was included in the vulnerable data, and passwords "were securely encrypted," according to the statement.
The spokesman said while the company technically doesn't allow minors to sign up, this was implemented through an honour system, meaning that those younger than 13 could register by lying about their age.
News of the hole in the Sanrio Digital-hosted site follows last month's breach of another Hong Kong company, electronic toymaker VTech Holdings Ltd. Millions of records of parents and children were compromised.
In that case the hacker who found the vulnerability stole the data but shared some of it with a researcher and was reported as saying he had no plans to sell it. UK police arrested a 21-year old man last week in connection with the hack.
U.S.-based Vickery, who explores security vulnerabilities in his spare time and reports them to the affected companies, said the hole in the Hello Kitty site was the result of a simple misconfiguration of a database, leaving it open to public access without a password or authentication.
He said he had found thousands of similar vulnerabilities simply by searching an online database of connected devices.
http://english.ahram.org.eg/News/175158.aspx

Clic here to read the story from its source.