Puroland Gets Hacked with Ransomware, 2 Million Club Records Potentially Leaked

Are you a member of the Puroland Club? If so, bad news: your personal information may have just been leaked.

Sanrio Entertainment – whose parent company owns popular characters such as Hello Kitty, My Melody, and Kuromi – investigated what appeared to be a site outage this week, according to NTV. IT personnel discovered that the site had been hacked and infected with ransomware, a type of virus that takes control of critical systems and won’t relinquish it unless the victim pays the attacker.

Sanrio operates Puroland, the amusement park for Sanrio characters in the city of Tama, Tokyo. The reports say that, as part of the intrusion, the records of up to two million customers who subscribed to the Puroland Club and who purchased a yearly passport, as well as the information of employees and clients, may have been leaked. The information includes customers’ names and addresses.

As of this writing, the site for the Puroland Club Passport is still temporarily down. The Japanese version of puroland.jp is redirecting the Passport page to a page labeled /passport_temporary, and it carries a message saying that, “due to network trouble,” customers currently can’t buy theme park tickets or e-passports.

Sanrio says there’s no danger or risk to the parent company and that the intrusion is limited to Sanrio Entertainment’s systems. According to NHK, no financial data has been leaked either.

Planning a trip to Japan? Get an authentic, interpreted experience from Unseen Japan Tours and see a side of the country others miss!

"Noah [at Unseen Japan] put together an itinerary that didn’t lock us in and we could travel at our own pace. In Tokyo, he guided us personally on a walking tour. Overall, he made our Japan trip an experience not to forget." - Kate and Simon S., Australia

Want more news and views from Japan? Donate $5/month ($60 one-time donation) to the Unseen Japan Journalism Fund to join Unseen Japan Insider. You'll get our Insider newsletter with more news and deep dives, a chance to get your burning Japan questions answered, and a voice in our future editorial direction.

Sanrio Entertainment has apologized and vows to take steps to strengthen its security going forward.

Cyberattacks on Japanese companies aren’t uncommon. Last year, a ransomware attack on popular video site Niconico took the service down for two months.

Tip This Article

We’re an independent site that keeps our content free of paywalls and intrusive ads. If you liked this story, please consider a tip or recurring donation of any amount to help keep our content free for all.

Tip Us

What to read next

Society

Osaka Street Piano Apologizes For Telling Bad Players to Practice at Home

A street piano at an Osaka food court is no more after its management company made it clear it only wanted TikTok-level performances.

Read More »

Law & Crime

A Hokkaido Aquarium Loans Free Baby Strollers. People Are Stealing Them

Many netizens are blaming the aquarium for handing out fancy strollers with zero guarantees, such as an address or deposit.

Read More »

Travel

Japanese Shrine Bans Tourists, Laments “Destruction of Japanese Culture”

A beautiful shrine on the island of Tsushima has dropped the ban hammer after what it calls an “unforgivable act of disrespect.”

Read More »