IE 11 is not supported. For an optimal experience visit our site on another browser.

Sanrio Fixes Security Hole That Exposed Info of Millions of Hello Kitty Fans

Sanrio, creator of Hello Kitty and other popular characters, confirmed the existence of (and fixes to) a security vulnerability that exposed millions.

Sanrio, creator of Hello Kitty and other popular characters, on Tuesday said it has fixed a security vulnerability that exposed information on 3.3 million users from its fan website

In a statement provided to NBC News, the company wrote:

"On December 19, it was revealed through outside sources that personal information such as names, date of birth, gender, and other information belonging to members was accessible if you knew the address of the vulnerable servers. The vulnerable data did not include credit card information or other payment information and passwords were securely encrypted.

"Sanrio Digital has investigated the problem and the vulnerability has been corrected. In addition, new security measures have been applied on the server(s); and we are conducting an internal investigation and security review into this incident. To the Company’s current knowledge, no data was stolen or exposed."

Related: 'Hello Kitty' Fan Database Leak Exposes 3.3 Million Users: Researcher

The vulnerability was originally discovered by security researcher Chris Vickery, who in an earlier email to NBC News described the data on the servers as "very easily accessed." Some 3.3 million accounts were exposed, though Japan-based Sanrio has not said how many of those belonged to children.

Because password information and hints were exposed, however, it is advisable that anyone who thinks they may have been affected change their passwords at other sites.