We have been following up on the different hacker attacks that have been affecting different companies over the last months. This time the victim was SEGA, as they have announced to all of their customers in an e-mail.
The attack was perpetrated two days ago on Thursday, when the entire SEGA Pass system was brought offline. The company acknowledged the fact that they had detected a foreign break and entry in their system, and that they even had access to the system’s database. To this moment, the system remains offline.
In the e-mail, the company made it clear that they took the first step immediately after learning about the attack. They were able to separate the location of the break, and, at the same time they have started their own investigation on the incident. Also Sega made it public that the attackers took valuable information such as the member’s dates of birth, personal email addresses, and passwords. Nonetheless, the passwords were stored with encryptions.
Since SEGA makes use of a third party administrator for their payment processes, the member’s financial information such as credit card and debit card numbers, were not included in the information that the attacker took. The continued to run a full reset on all the SEGA members’ passwords in an attempt to protect them from any future attack.
On a normal basis, SEGA Pass – where you can join at no cost – usually issues free demos and sometimes games to their users. There is also a newsletter that informs them about the recent changes and news. The website remained offline even 36 hours after the attack was first confirmed. At the moment, the company simply attached a quick-written message, that states that the site is currently going through some improvements and that it should be back and running shortly. Moreover, the SEGA forums were also reported as offline.
So far, no recognized hacker group has taken responsibility on the SEGA attack. Given the recent attacks on other companies such as PBS, Sony, the CIA, Fox, Nintendo, and Brink, one can only think about the well-known hacker group LulzSec.
SEGA would clearly be seen as a target for LulzSec, since their recent attacks have been on Sony (PlayStation platform – took users financial information) and Brink (stole the details of 200,000 user accounts). In addition, the group has also attacked EVE Online, Escapist Magazine, and Minecraft.
However, LulzSec has responded to these accusations by stating that they were not behind the attack at all. As a matter of fact, they have stated (via Twitter) that want to help SEGA to find these hackers because they love Dreamcast.
In other related news, police officers in Spain have arrested three men who supposedly are part of another large hacker group known as Anonymous.