A database for Sanrio, the Japanese owner of the Hello Kitty brand, was breached, putting 3.3 million of its users' data at risk, according to security website CSOonline.com's report.
網(wǎng)絡(luò)安全信息網(wǎng)站CSOOnline.com的一份報(bào)告顯示�,日本三麗鷗公司(Sanrio)某數(shù)據(jù)庫(kù)遭遇攻擊����,導(dǎo)致330萬(wàn)Hello Kitty品牌客戶(hù)的資料面臨風(fēng)險(xiǎn)�。
The leaked data includes information such as users' full names, email addresses and encrypted passwords, the website reported, citing security researcher Chris Vickery.
報(bào)告指出�,據(jù)網(wǎng)絡(luò)安全研究員克里斯·維克瑞稱(chēng),此次泄露的數(shù)據(jù)包括用戶(hù)全名�����、電子郵箱地址,以及加密密碼���。
The information exposed in the breach includes the first and last names, birth dates, genders, countries of origin, and email addresses for 3.3 million accounts.
而這330萬(wàn)個(gè)賬號(hào)的用戶(hù)姓名���、生日、性別�����、國(guó)籍�����,以及電子郵箱都可能遭到曝光���。
It is not clear if the exposed data contained any financial information.
此次泄露的數(shù)據(jù)中是否還包含客戶(hù)的財(cái)務(wù)信息���,目前仍不得而知。
The passwords are 'lightly-protected' along with forgotten password questions and answers.
用戶(hù)密碼的保護(hù)機(jī)制似乎“并不嚴(yán)密”��,僅有密碼重置問(wèn)題與答案兩項(xiàng)�����。
The passwords themselves are “hashed”, a form of protection which renders it technically impossible to retrieve the original password.
不過(guò)���,三麗鷗對(duì)用戶(hù)密碼采取了“哈希運(yùn)算”�,能保證初始密碼不會(huì)被完全破解��。
However, the hashing technique used by SanrioTown leaves it easy for an attacker to uncover a significant proportion of the obscured passwords.
然而��,即便采取了上述加密技術(shù)��,黑客依舊能破譯很大一部分字符�。
Sanrio, the owner of the brand, has not publicly responded to the allegations of an account leak.
截至目前,三麗鷗公司尚未對(duì)賬戶(hù)泄露事件作出公開(kāi)回應(yīng)��。
As well as SanrioTown itself, accounts from a number of other Hello Kitty websites were also included in the leak: according to Salted Hash, those are hellokitty.com, hellokitty.com.sg, hellokitty.com.my, hellokitty.in.th, and mymelody.com. Two backup servers were also discovered online.
除了三麗鷗網(wǎng)站賬戶(hù)外���,不少Hello Kitty衍生網(wǎng)站的賬戶(hù)信息也遭到泄露��,包括hellokitty.com�,hellokitty.com.sg�,hellokitty.com.my,hellokitty.in.th和mymelody.com����。另外�,該公司的兩份備份資料也在網(wǎng)上被公之于眾��。
This is the second major breach of an Asian toy company's database in as many months.
這已是數(shù)月來(lái)第二宗針對(duì)亞洲玩具公司數(shù)據(jù)庫(kù)的大規(guī)模網(wǎng)絡(luò)攻擊了��。
Electronic toymaker VTech Holdings Ltd said in November that it was the victim of a cyber attack that compromised information about customers who access a portal for downloading children's games, books and other educational content.
另一家電子玩具制造商偉易達(dá)(VTech Holdings Ltd)稱(chēng)���,11月公司曾遭遇一輪網(wǎng)絡(luò)攻擊����。顧客在登錄公司網(wǎng)站下載兒童游戲����、書(shū)籍及教育材料后,個(gè)人信息會(huì)遭到泄露���。
Vickery and Sanrio could not immediately be reached for comment.
目前�,維克瑞與三麗鷗公司均未對(duì)此事作出回應(yīng)�����。
英文來(lái)源:每日郵報(bào)
譯者:郭汪韜略
審校&編輯:丹妮
