The personal information of 3.3 million Hello Kitty fans were reportedly exposed due to the 'misconfiguration' of the database of Sanriotown.com, the official online community for Hello Kitty and other Sanrio characters.

            According to the report of Steve Ragan of Salted Hash, researcher Chris Vickery contacted the online security news portal to report an alleged database for the Sanrio that houses 3.3 million accounts and has ties to a number of other Hello Kitty portals.

            "The records exposed include first and last names, birthday (encoded, but easily reversible Vickery said), gender, country of origin, email addresses, unsalted SHA-1 password hashes, password hint questions, their corresponding answers, and other data points that appear to be website related," wrote Ragan. "Vickery also noted that accounts registered through the fan portals of the following websites were also impacted by this leak: hellokitty.com; hellokitty.com.sg; hellokitty.com.my; hellokitty.in.th; and mymelody.com."

            In a report by Brian Mastroianni, Peter Tran, GM and senior director at the network security company RSA, told CBS News that, "The data itself might not be an immediate snatch-and-grab now, but it is a treasure trove of information that hackers could mine through for future generations going forward."

            "These kids are going to be even more connected in the future, and while some of the information shared about them now might not bear the same consequence," continued Tran.  "They will be living in a world where they will have Apple Pay and Google Wallet and other things."

            Fox News reported that experts are now warning parents to be more vigilant on how personal data is being handled.

            "In addition to evaluating toys, apps, and websites for their entertainment and educational value," said Suni Munshani, CEO of data security specialist Protegrity in his statement in Fox News. "Parents must also look at the security risks associated with such activity and demand that companies provide details about the data they collect, how it is used, who has access to it, and how it is secured."