A database for Sanrio, the Japanese owner of the Hello Kitty brand, was breached, putting 3.3 million of its users' data at risk, according to security website CSOonline.com's report.
網(wǎng)絡(luò)安全信息網(wǎng)站CSOOnline.com的一份報(bào)告顯示���,日本三麗鷗公司(Sanrio)某數(shù)據(jù)庫遭遇攻擊���,導(dǎo)致330萬Hello Kitty品牌客戶的資料面臨風(fēng)險(xiǎn)���。
The leaked data includes information such as users' full names, email addresses and encrypted passwords, the website reported, citing security researcher Chris Vickery.
報(bào)告指出���,據(jù)網(wǎng)絡(luò)安全研究員克里斯·維克瑞稱���,此次泄露的數(shù)據(jù)包括用戶全名���、電子郵箱地址���,以及加密密碼���。
The information exposed in the breach includes the first and last names, birth dates, genders, countries of origin, and email addresses for 3.3 million accounts.
而這330萬個(gè)賬號(hào)的用戶姓名���、生日���、性別���、國籍,以及電子郵箱都可能遭到曝光。
It is not clear if the exposed data contained any financial information.
此次泄露的數(shù)據(jù)中是否還包含客戶的財(cái)務(wù)信息���,目前仍不得而知���。
The passwords are 'lightly-protected' along with forgotten password questions and answers.
用戶密碼的保護(hù)機(jī)制似乎“并不嚴(yán)密”���,僅有密碼重置問題與答案兩項(xiàng)���。
The passwords themselves are “hashed”, a form of protection which renders it technically impossible to retrieve the original password.
不過���,三麗鷗對(duì)用戶密碼采取了“哈希運(yùn)算”���,能保證初始密碼不會(huì)被完全破解���。
However, the hashing technique used by SanrioTown leaves it easy for an attacker to uncover a significant proportion of the obscured passwords.
然而,即便采取了上述加密技術(shù)���,黑客依舊能破譯很大一部分字符。
Sanrio, the owner of the brand, has not publicly responded to the allegations of an account leak.
截至目前���,三麗鷗公司尚未對(duì)賬戶泄露事件作出公開回應(yīng)���。
As well as SanrioTown itself, accounts from a number of other Hello Kitty websites were also included in the leak: according to Salted Hash, those are hellokitty.com, hellokitty.com.sg, hellokitty.com.my, hellokitty.in.th, and mymelody.com. Two backup servers were also discovered online.
除了三麗鷗網(wǎng)站賬戶外���,不少Hello Kitty衍生網(wǎng)站的賬戶信息也遭到泄露���,包括hellokitty.com���,hellokitty.com.sg���,hellokitty.com.my���,hellokitty.in.th和mymelody.com���。另外���,該公司的兩份備份資料也在網(wǎng)上被公之于眾���。
This is the second major breach of an Asian toy company's database in as many months.
這已是數(shù)月來第二宗針對(duì)亞洲玩具公司數(shù)據(jù)庫的大規(guī)模網(wǎng)絡(luò)攻擊了���。
Electronic toymaker VTech Holdings Ltd said in November that it was the victim of a cyber attack that compromised information about customers who access a portal for downloading children's games, books and other educational content.
另一家電子玩具制造商偉易達(dá)(VTech Holdings Ltd)稱,11月公司曾遭遇一輪網(wǎng)絡(luò)攻擊���。顧客在登錄公司網(wǎng)站下載兒童游戲、書籍及教育材料后���,個(gè)人信息會(huì)遭到泄露。
Vickery and Sanrio could not immediately be reached for comment.
目前,維克瑞與三麗鷗公司均未對(duì)此事作出回應(yīng)���。
英文來源:每日郵報(bào)
譯者:郭汪韜略
審校&編輯:丹妮
