Sega Pass System Hacked, Company Informs Customers

June 17, 2011 -

According to a letter posted by our very own E. Zachary Knight at his personal website ezknight.net, Sega has been hacked, and the scope and scale of the security breach seems to be grand in nature. According to the email from Sega, the company was forced to take down its "Sega Pass System" yesterday after it identified that an "unauthorized entry" had occurred with the system's user database.

A "subset" of SEGA Pass members' emails addresses, dates of birth and encrypted passwords were  stolen during that intrusion, says Sega. Thankfully, no credit card or other personal financial information was stolen, and Sega stressed that the stolen data was encrypted and not in "plain text" format.

The usual warnings come with the email: change your password and watch out for any suspicious emails that might ask you to divulge further information. As a rule companies do not ask users to provide personal information within emails.

The full letter can be found below:

Dear XXXX,

As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June.

Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.

We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.

We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.

Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.

If you use the same login information for other websites and/ or services as you do for SEGA Pass, you should change that information immediately.

We have also reset your password and all access to SEGA Pass has been temporarily suspended.

Additionally we recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information.

Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available.

We sincerely apologise for this incident and regret any inconvenience caused.

We are contacting all our members with these recommendations.

If you have any further questions please contact SEGA customer support on: mailto:csescalations@sega.com

Thanks to E. Zachary Knight and Andrew Eisen for the tips.


 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Andrew EisenNow, having said that, what sites are you reading that are claiming that if "you self-identify as a Gamer, you're immediately the problem" or that gamers are "obligated to stop harassment"? Or was that hyperbole too?09/21/2014 - 1:03am
Andrew EisenFirst of all, ONE person in the Shout box suggested an obligation to call harassers out on their harassing but only after YOU brought it up. Plus, Techno said "when you see it happening." If you don't see it, you're not under any obligation.09/21/2014 - 1:02am
Sleaker@Craig R. - at this point I don't even know what the hashtags are suppsed to be in support of. what does GamerGate actually signify.09/21/2014 - 12:21am
Sleaker@AE - Hyperbole for the first 2, but it seems like some of the comments in the shout are attempting to place blame on fellow gamers because they aren't actively telling people to stop harassing even though they don't necessarily know anyone that has.09/21/2014 - 12:16am
Andrew EisenSleaker - Who the heck are you reading that is claiming "all gamers are bad," we "need to pass laws or judgement on all gamers," that if "you self-identify as a Gamer, you're immediately the problem," or that gamers are "obligated to stop harassment"?09/20/2014 - 9:44pm
erthwjimhe swatted more than just krebs, I think he swatted 30 people http://krebsonsecurity.com/2014/05/teen-arrested-for-30-swattings-bomb-threats/09/20/2014 - 9:31pm
Craig R.Btw, the guy who swatted security expert Brian Krebs? He got picked up recently. It can be done.09/20/2014 - 8:55pm
Craig R.Such things are not done in a vacuum... hence why the 4chan and other logs show what fools you've all been, tricked into doing the trolls' work09/20/2014 - 8:49pm
Sleaker@Technogeek - How do you call someone out that anonymously calls in a SWAT team, or sends threats to people?09/20/2014 - 7:04pm
Technogeek"It also doesn't mean you're obligated to stop harassment from all gamers that are doing so." I'd say you're certainly obligated to call them out when you see it happening.09/20/2014 - 5:17pm
SleakerNow if you disagree with anything in my last 2 posts then we obviously have a difference in world view, and wont come to any sort of agreement. I'm fine with that, maybe some people aren't?09/20/2014 - 5:09pm
SleakerIt also doesn't mean that just because a news outlet says that Gamers are the problem and you self-identify as a Gamer, you're immediately the problem. It also doesn't mean you're obligated to stop harassment from all gamers that are doing so.09/20/2014 - 4:59pm
SleakerJust to re-iterate: People getting harassed is wrong. Just because someone is harassed by so called 'gamers' doesn't mean that all gamers are bad. nor does it mean that you need to pass laws or judgement on all gamers.09/20/2014 - 4:56pm
SleakerAnd furthermore just because someone doesn't 'crusade against the evil' that doesn't make them the problem. You can have discussion with those around you. There's a thing called sphere of influence.09/20/2014 - 4:54pm
Sleaker@Conster - one person getting harassed is a 'problem' only so far as the harassee's are doing it. Just because a select few people choose to act like this doesn't make it widespread. Nor does it immediately make everyone responsible to put an end to it.09/20/2014 - 4:54pm
james_fudgeno worries09/20/2014 - 4:15pm
TechnogeekI misread james' comment as "we can't have a debate without threatening" there at first. Actually wound up posting a shout about death threats and "kill yourself" not technically being the same thing before I realized.09/20/2014 - 3:59pm
james_fudgeDon't hit me *cowers behind Andrew*09/20/2014 - 3:20pm
ConsterYou take that back right now, james, or else. *shakes fist menacingly*09/20/2014 - 3:00pm
james_fudgeOur community is awesome. We can have a debate without threatening to kill each other.09/20/2014 - 2:50pm
 

Be Heard - Contact Your Politician