Sections

Sega confirms 1.3m Sega Pass customers’ details “obtained”

Sunday, 19th June 2011 09:44 GMT By Patrick Garratt

Sega said in a press released today that 1,290,755 Sega Pass users’ details were stolen in Friday’s website hack, including names, email addresses, dates of birth and encrypted passwords.

Following confirmation on Friday that Sega’s Sega Pass website had been hacked and user data compromised, the publisher said this morning that “1,290,755 customers’ information including Sega Pass members name, email addresses, dates of birth and encrypted passwords were obtained.”

No financial data was stored on the site.

The firm added: “We express our sincerest apologies to our customers for the inconvenience and concern caused by this matter. Sega Pass is the service used to provide information about our new products to registered members and does not hold any customer financial information.

“After the unauthorized entry was identified, we immediately stopped the SEGA Pass service and took emergency action to prevent further damage. This action included immediately contacting all our registered SEGA Pass users. We are now fully investigating the cause of the incident.”

Sega said it will “immediately report through the website of Sega Europe should there be any further developments regarding this issue.”

The company will “strengthen network security as a priority issue” as a result of the hack.

The incident is merely the latest in a string of network attacks against games companies in 2011, the full extent of which is catalogued here.

Breaking news

10 Comments

Sign in to post a comment.

  1. ZakAttack

    Fail.

    #1 3 years ago
  2. Noodlemanny

    Getting really bored of this now guys.

    #2 3 years ago
  3. Anders

    Oh fuck. This is getting crazy.

    #3 3 years ago
  4. DSB

    What the hell is a Sega pass, and why would you ever want one?

    #4 3 years ago
  5. TheWulf

    I’m almost beginning to wonder if this is some incredibly clever plan by an affiliation of big business types to get themselves hacked so that they can call for tighter restrictions on the Internet.

    Imagine a new law being drafted where Microsoft is forced to bundle a rootkit in with Windows that destroys your system if you so much as think of opening even a hex editor.

    /tin_foil_hat

    8D

    @4

    To play the Sega published Total War games online is what I’ve heard.

    #5 3 years ago
  6. NeoSquall

    There’s no need for a SEGA pass to play TW games online.

    TheWulf, are you really still keep protecting them?
    Are you this… I don’t know how to describe it… brainwashed? failanarchic?

    One may wonder if you are actually one of them hacker lot, enjoying the view of us “butthurt gamers” from a closer point of view.

    #6 3 years ago
  7. Dannybuoy

    Fackin hackin malicious meddlin morons strike again

    #7 3 years ago
  8. OlderGamer

    I use PSU on xbLive. I pay a monthly fee/sub to play the game w/friends. Anyone know if this is remotly or in anyway connected to Sega Pass?

    #8 3 years ago
  9. TheWulf

    @6

    My post.
    ————>WOOSH!
    NeoSquall’s head.

    Now, to paraphrase a beloved character of mine, if you’ll excuse me, I have a star to catch.

    WHEEEEE!

    (On a sliiightly more serious note–but not really–I have to inform you that a functioning sarcasm detector is the sign of a higher intelligence. :P I honestly cannot believe you took that post seriously. Wow. I wonder if your increasingly potent butthurtedness was the cause behind those symptoms? Your broken sarcasm detector, I mean.)

    #9 3 years ago
  10. TheWulf

    For those who might be as slow as NeoSquall there I feel I’m going to have to get really serious for a bit, which is rare. Okay, I’ve never been a fan of LulzSec. I don’t like what they stand for, nor do I like how their actions are making people use the word ‘hacker’ as an umbrella term that includes groups like LulzSec.

    You can be irritated at companies for having poor security and not agree with the methods of a bunch of black hat hackers. Not everything is zero-one binary, not everything is black & white, sometimes things are complicated and this is one of those things. This whole situation is very complicated.

    I suppose some, like NeoSquall, still might not understand how this is completely consistent with how I’ve always felt.

    For one, I’ve never liked how groups like this have forced people to view hackers. People can be bloody luddites and it irritates me, and groups like this just go to prove that people tend to over-generalise and really have no understanding of technology at all, so they’ll just attach a label like ‘hacker’ to LulzSec without really at all understanding what that label means or what meanings it conveys to other people. Nor will they understand how insulting that usage is to other people.

    What groups like LulzSec are also proving is that many games companies need to tighten up their security. LulzSec can’t hack some places and they know it, they’ve admitted as much on their twitter. Things like Steam, Facebook, and other services that have locked themselves down with nice security won’t be hacked by LulzSec. At the very most they’ll be disabled by a DDoS. But if you have bad security then you’re going to get hacked. As I pointed out before, parading around your bad security is like putting an injured prey animal in front of a big cat.

    It’s human nature to be predatory. I don’t agree with that. I don’t agree with violence, and gamers can be bloody violent people. I find a lot of it reprehensible to be honest, but I don’t feel like explaining that now. That’s a topic for another day, if ever. (And perhaps I’m just making you angry to get you to realise how true this point is.)

    But that’s the thing. I still don’t agree with LulzSec’s methods and I am irked by their methods, but I don’t think that there’s a good/evil scenario here. Not at all. I don’t think it’s all binary, black & white, and easy to understand. I think there’s enough blame to go around. Sony getting hacked? The only people to hurt Sony were Sony, Sony believed that the only security they needed was client-side, on the PS3, and that left them wide open to attack. They made it easy.

    You have to wonder how much of an issue this would be, and how much ‘lulz’ this LulzSec person would be having if security mattered to games companies as much as it should. We trust them to be responsible with our data but they’re proving that they’re clearly not responsible, that in many cases they flat out just don’t care. Sony made themselves easy to hack and easy for data to be obtained. Sega is a step up from Sony in that at least they used proper encryption.

    Now this might sound like I’m defending LulzSec, but I’m not. I find their actions rather deplorable. But again, it’s complicated. It’s fair to say that people are seeing the inherent flaws in trusting everyone with their details when those details could just as easily be stolen away thanks to poor security by a group like LulzSec, who’d put them up online ‘for the lulz.’

    And after all that, some may still be scratching their heads and deciding that “THEWULF STANDS WITH DER TERRARISTS!!!”, sadly enough.

    Still, I’m hoping that the majority of you are smart enough to read, comprehend, and understand my point of view, even if you don’t necessarily agree with it.

    Fin.

    #10 3 years ago