A database for Sanrio, the Japanese owner of the Hello Kitty brand, was breached, putting 3.3 million of its users' data at risk, according to security website CSOonline.com's report.
網絡安全信息網站CSOOnline.com的一份報告顯示�����,日本三麗鷗公司(Sanrio)某數據庫遭遇攻擊,導致330萬Hello Kitty品牌客戶的資料面臨風險���。
The leaked data includes information such as users' full names, email addresses and encrypted passwords, the website reported, citing security researcher Chris Vickery.
報告指出,據網絡安全研究員克里斯·維克瑞稱���,此次泄露的數據包括用戶全名、電子郵箱地址���,以及加密密碼。
The information exposed in the breach includes the first and last names, birth dates, genders, countries of origin, and email addresses for 3.3 million accounts.
而這330萬個賬號的用戶姓名�、生日��、性別����、國籍,以及電子郵箱都可能遭到曝光���。
It is not clear if the exposed data contained any financial information.
此次泄露的數據中是否還包含客戶的財務信息,目前仍不得而知���。
The passwords are 'lightly-protected' along with forgotten password questions and answers.
用戶密碼的保護機制似乎“并不嚴密”,僅有密碼重置問題與答案兩項����。
The passwords themselves are “hashed”, a form of protection which renders it technically impossible to retrieve the original password.
不過����,三麗鷗對用戶密碼采取了“哈希運算”����,能保證初始密碼不會被完全破解�����。
However, the hashing technique used by SanrioTown leaves it easy for an attacker to uncover a significant proportion of the obscured passwords.
然而,即便采取了上述加密技術,黑客依舊能破譯很大一部分字符�。
Sanrio, the owner of the brand, has not publicly responded to the allegations of an account leak.
截至目前��,三麗鷗公司尚未對賬戶泄露事件作出公開回應。
As well as SanrioTown itself, accounts from a number of other Hello Kitty websites were also included in the leak: according to Salted Hash, those are hellokitty.com, hellokitty.com.sg, hellokitty.com.my, hellokitty.in.th, and mymelody.com. Two backup servers were also discovered online.
除了三麗鷗網站賬戶外,不少Hello Kitty衍生網站的賬戶信息也遭到泄露����,包括hellokitty.com�,hellokitty.com.sg���,hellokitty.com.my����,hellokitty.in.th和mymelody.com���。另外�����,該公司的兩份備份資料也在網上被公之于眾��。
This is the second major breach of an Asian toy company's database in as many months.
這已是數月來第二宗針對亞洲玩具公司數據庫的大規模網絡攻擊了����。
Electronic toymaker VTech Holdings Ltd said in November that it was the victim of a cyber attack that compromised information about customers who access a portal for downloading children's games, books and other educational content.
另一家電子玩具制造商偉易達(VTech Holdings Ltd)稱,11月公司曾遭遇一輪網絡攻擊。顧客在登錄公司網站下載兒童游戲�、書籍及教育材料后��,個人信息會遭到泄露。
Vickery and Sanrio could not immediately be reached for comment.
目前,維克瑞與三麗鷗公司均未對此事作出回應�。
英文來源:每日郵報
譯者:郭汪韜略
審校&編輯:丹妮
