A database for Sanrio, the Japanese owner of the Hello Kitty brand, was breached, putting 3.3 million of its users’ data at risk, according to security website CSOonline.com’s report.
The leaked data includes information such as users’ full names, email addresses and encrypted passwords, the website reported, citing security researcher Chris Vickery.
It was not clear if the exposed data contained any financial information.
This is the second major breach of an Asian toy company’s database in as many months.
Electronic toymaker VTech Holdings Ltd said in November that it was the victim of a cyber attack that compromised information about customers who access a portal for downloading children’s games, books and other educational content.
Vickery and Sanrio could not immediately be reached for comment.