Sanrio Puroland, a popular theme park, confirmed on January 21, 2025, that it had fallen victim to a cyberattack, which led to a significant disruption in its network. The unauthorized third-party attack compromised several systems, causing major services such as the My Page feature on the website, visitor reservations, and e-passport ticket purchases to be unavailable. As a result, several visitors experienced delays in park access, and services like reservations and ticket purchases were temporarily halted.
The theme park quickly initiated an internal investigation and acknowledged that unauthorized access had occurred on the night of January 21.
The company is working with external specialized organizations to assess the full impact of the breach, including whether any personal data or sensitive information was exposed. The investigation also involves law enforcement, and additional security measures have been taken, such as restricting external access to the affected systems.
By January 22, the extent of the network disruption was still evident, with the My Page function, visitor reservations, and the corporate website still down. Additionally, the park announced that it would be closed on January 22 and 23, 2025, while it continued to work on restoring services. The company assured visitors that it was working swiftly to resolve the issue and apologized for the inconvenience and concerns caused by the disruption.
In response to the cyberattack, Sanrio Puroland has provided updates on how it plans to handle reservations and ticket sales going forward. New visitor reservations are temporarily suspended, and the sale of annual passports has been halted until January 31, 2025. However, the park intends to resume normal operations by January 24, with adjustments to ticketing and visitor guidance, while continuing to investigate and resolve the situation. The company apologized again for the ongoing inconvenience and expressed its commitment to restoring full services.
Reference: