Tom Spring reports:Acache of data including 3.3 million user credentials belonging to Hello Kitty parent company Sanrio surfaced over the weekend.The breach was originally reported in December 2015, but at the time Sanrio denied any data was stolen as part of the breach. The breach was tied to a misconfigured MongoDB installation that was discovered by security researcher Chris Vickery.[…]On Monday, Vickery told Threatpost that Sanrio claimed that in 2015 that he was the only person to have accessed the database as part of his research. He said that Sanrio, at the time, said there were no additional intruders that may have swiped data from its database.
Read more on ThreatPost.
Since 2015, when DataBreaches.net started collaborating with Vickery and reporting on the exposed databases he finds, he and I have had several chats about how quickly some entities claim that we are the only ones who accessed their databases. This report suggests that some entities may either not...(continued)