Hello Kitty Appears to Patch Data Leak

Oh No Kitty! This official online community for Hello Kitty fans has/had a data leak. “The records exposed include first and last names, birthday (encoded, but easily reversible Vickery said), gender, country of origin, email addresses, unsalted SHA-1 password hashes, password hint questions, their corresponding answers, and other data points that appear to be website related.” It looks like it’s been fixed, and the issue was MongoDB misconfiguration.

%d bloggers like this: