Puroland Gets Hacked with Ransomware, 2 Million Club Records Potentially Leaked

Are you a member of the Puroland Club? If so, bad news: your personal information may have just been leaked.

Sanrio Entertainment – whose parent company owns popular characters such as Hello Kitty, My Melody, and Kuromi – investigated what appeared to be a site outage this week, according to NTV. IT personnel discovered that the site had been hacked and infected with ransomware, a type of virus that takes control of critical systems and won’t relinquish it unless the victim pays the attacker.

Sanrio operates Puroland, the amusement park for Sanrio characters in the city of Tama, Tokyo. The reports say that, as part of the intrusion, the records of up to two million customers who subscribed to the Puroland Club and who purchased a yearly passport, as well as the information of employees and clients, may have been leaked. The information includes customers’ names and addresses.

As of this writing, the site for the Puroland Club Passport is still temporarily down. The Japanese version of puroland.jp is redirecting the Passport page to a page labeled /passport_temporary, and it carries a message saying that, “due to network trouble,” customers currently can’t buy theme park tickets or e-passports.

Sanrio says there’s no danger or risk to the parent company and that the intrusion is limited to Sanrio Entertainment’s systems. According to NHK, no financial data has been leaked either.

Planning a trip to Japan? Get an authentic, interpreted experience from Unseen Japan Tours and see a side of the country others miss!

"Noah [at Unseen Japan] put together an itinerary that didn’t lock us in and we could travel at our own pace. In Tokyo, he guided us personally on a walking tour. Overall, he made our Japan trip an experience not to forget." - Kate and Simon S., Australia

See a side of Tokyo that other tourists can't. Book a tour with Unseen Japan Tours - we'll tailor your trip to your interests and guide you through experiences usually closed off to non-Japanese speakers.

Want more news and views from Japan? Donate $5/month ($60 one-time donation) to the Unseen Japan Journalism Fund to join Unseen Japan Insider. You'll get our Insider newsletter with more news and deep dives, a chance to get your burning Japan questions answered, and a voice in our future editorial direction.

Sanrio Entertainment has apologized and vows to take steps to strengthen its security going forward.

Cyberattacks on Japanese companies aren’t uncommon. Last year, a ransomware attack on popular video site Niconico took the service down for two months.

Discuss this article with other UJ fans on our Bluesky account or Discord server!

Help keep us going

We’re an independent site that keeps our content free of intrusive ads. If you love what we do, help us do more with a donation to the Unseen Japan Journalism Fund in any amount.

Donate

What to read next

Women

Japanese Female TV Host Says Station Turned Her Sexual Harassment Into Content

The woman alleges the station not only tolerated the harassment but turned it into fodder for local broadcast.

Read More »

News

Why Is Kawaguchi’s Kurdish Community Under Fire?

The Kurdish community in Kawaguchi faces growing hostility, blamed by locals for neighborhood unrest. But how do they see it?

Read More »

Women

2025 Gender Gap Report Finds Japan Still at Bottom of G7

While Japan made progress in several areas, it took a huge step back in representation at the highest level of government.

Read More »