In what is becoming an almost daily, re-occurring tale, another online videogame service has been attacked by hackers. This time around it’s SEGA, as the company has sent out an email to the users of its SEGA Pass service warning them of an "unauthorized entry" into the opt-in newsletter’s database and has taken the service offline.
"We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained," stated the email. "To stress, none of the passwords obtained were stored in plain text."
The service is also used as an account system for online SEGA games such as Spiral Knights. The company has already gone ahead and taken the precaution of resetting all user passwords. It also stated that payment information was not at risk by the attack since that is held on external servers.
For now, SEGA asks its SEGA Pass users to refrain from logging into the service and that if any login information used for SEGA Pass is the same as that for any other service to change it immediately.
LulzSec, the organization that has been behind recent attacks on The Escapist, EVE Online, and others, has not only denied involvment in this incident, but has threatened to retaliate on SEGA’s behalf.
"We want to help you destroy the hackers that attacked you," read a post on the group’s Twitter account. "We love the Dreamcast, these people are going down."
To see the full email from SEGA to its SEGA Pass users, just take a look below.
As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June.
Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.
We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.
We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.
Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.
If you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately.
We have also reset your password and all access to SEGA Pass has been temporarily suspended.
Additionally we recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information.
Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available.
We sincerely apologise for this incident and regret any inconvenience caused.
We are contacting all our members with these recommendations.
If you have any further questions please contact SEGA customer support on csescalations@sega.com
© SEGA. SEGA and the SEGA logo are either registered trademarks or trademarks of SEGA Corporation.
All rights reserved.
