Hello Kitty, Goodbye Privacy as 3M+ Users Hit by Breach

Unsalted SHA-1 password hashes were also used—particularly bad information security practice.

Phil Muncaster

The personal information of over three million Hello Kitty customers has been found online by security researchers over the weekend.
The database in question was found by security bod Chris Vickery and relates to the Japanese cartoon character’s online community sanriotown.com, although those who registered accounts through hellokitty.com; hellokitty.com.sg; hellokitty.com.my; hellokitty.in.th; and mymelody.com are also affected.
Vickery told Salted Hash that the information exposed included full names, birth dates, gender, email and password hint questions and answers.
To read the entire article, please click here.
Source: http://www.infosecurity-magazine.com/