In the 90s, then-video game console manufacturer Sega's popular counter to rival Nintendo was the phrase "Sega does what Nintendon't." It was meant to point out the differences between the competitors; Nintendo focused on more family-friendly fare, and Sega touted whiz-bang graphics and sports games. A new cyber attack brings back memories of those times, but with a twist: Sega customer information was accessed by an outside group this week, while a recent attack on Nintendo saw no such leak.
Sega sent a mass email to its customers on Friday stating an unspecified number of emails, passwords and birth dates were compromised during a recent intrusion into the company's "Sega Pass" system. The message reads:
As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June.
Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.
We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.
We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.
Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.
If you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately.
We have also reset your password and all access to SEGA Pass has been temporarily suspended.
Additionally we recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information.
Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available.
We sincerely apologise for this incident and regret any inconvenience caused.
We are contacting all our members with these recommendations.
If you have any further questions please contact SEGA customer support on csescalations@sega.com
The message at the Sega Pass site, however, provides visitors with a vague explanation:
Hi
SEGA Pass is going through some improvements so is currently unavailable for new members to join or existing members to modify their details including resetting passwords.
We hope to be back up and running very soon.
Thank you for your paitence [SIC]
The forums at Sega.com are also down as of press time for "essential maintenance."
Online hacker group LulzSec, which launched a torrent of DDoS attacks against game companies earlier this week, offered Sega its assistance. "We want to help you destroy the hackers that attacked you," the group tweeted. "We love the Dreamcast, these people are going down." Ironically, it was LulzSec who took credit for hacking Nintendo's servers two weeks ago and cited the company's N64 game console as a reason the attacks didn't go further.
It's been a rough few weeks for game companies; Sega is only the most recent hacker target. Bethesda, Codemasters and Eidos have also been attacked and watched customer information fall into unknown hands. (via PlayStationLifeStyle)
