sega-pass
Latest
Sega Pass hack exposed 1.3 million accounts, LulzSec denies responsibility
The Sega Pass hack has been upgraded from "temporary loss of some service to which we weren't really paying attention," all the way to "reasonably serious business." In a statement to Reuters, Sega revealed the scope of the data breach: over 1.3 million user accounts, including dates of birth and passwords. The publisher made it clear when it initially announced the breach that payment information wasn't at risk. "We are deeply sorry for causing trouble to our customers," Sega spokesperson Yoko Nagasawa said in today's statement. "We want to work on strengthening security." This time, hacker collective LulzSec isn't claiming responsibility, instead sending out a tweet offering to help Sega find the actual culprit. "We love the Dreamcast," they said. "These people are going down."
Sega's online Pass hacked, 1.3 million user passwords stolen
Let's bid a bitter welcome to Sega, the latest entrant to the newly founded club of hacked online communities. Sega Pass, the company's web portal, suffered a breach of its defenses on Thursday, which has now been identified to have affected a whopping 1.29 million users. Usernames, real names, birth dates, passwords, email addresses, pretty much everything has been snatched up by the malicious data thieves, with the important exception of credit / debit card numbers. We'd still advise anyone affected to keep a watchful eye on his or her banking transactions -- immediately after changing that compromised password, of course. In the meantime, Sega's keeping the Pass service offline while it rectifies the vulnerability; it'll be able to call on an unexpected ally in its search for the perpetrators in the form of LulzSec, a hacker group that boasted proudly about infiltrating Sony's network, but which has much more benevolent intentions with respect to Sega. What a topsy-turvy world we live in!
Sega warns users of recent 'Sega Pass' hack
It's an all-too-familiar story, as another game-related online service is hacked. Sega sent out an email to users of Sega Pass, an opt-in newsletter service (also used as an account system for online Sega games like Spiral Knights), warning them of an "unauthorised entry" into the Sega Pass database. As a result of this intrusion, Sega took the system offline yesterday. "We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained," the email warns. "To stress, none of the passwords obtained were stored in plain text," though it took the precaution of resetting all passwords anyway. In addition, Sega says that since payment information related to Sega Pass was stored through external providers, it wasn't at risk. Sega asked users to refrain from trying to log into Sega Pass -- there's nothing there at the moment anyway. And "if you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately." [Thanks to everyone who sent this in!]
