A year ago it was announced that 3.3 million database of Hello Kitty fans got exposed. Just over a year later, that status changes to exposed, stolen and published online. This has become a full-on ‘Hello Kitty Breach’.
Back in December 2015, Sanrio – the company the Hello Kitty brand – had insisted that nobody touched their database except for a security researcher who had found the unsecured MongoDB database in the first place.
The MongoDB was one of many that were found on a search engine due to a security flaw in the database system.
But a year later, a copy that entire database was found on the LeakedSource index, according to Steve Ragan from CSO’s Salted Hash site.
This follows on from the revelation that the number of compromised MongoDB databases has skyrocketed in recent days.