Sega Pass hacked, users warned to change passwords

Sega has sent out a notice to Sega Pass users that its database has been compromised. Hackers obtained e-mails, dates of birth, and encrypted passwords, but not credit card information.

7

Another day, another security breach. Sega sent out a notice to Sega Pass users that its database had been hacked. The system has been offline since yesterday, and the company confirmed "unauthorized entry was gained." A timeline of when the intrusion occurred wasn't disclosed, but Sega assures users that it took action "immediately" and has launched an investigation.

Sega Pass member e-mails, dates of birth, and encrypted passwords were obtained by the intruders, but payment information is handled by a third-party, so credit card data isn't at risk. Sega does warn, however, that if you use similar usernames and passwords for other sites, you should change them.

In the meantime, Sega is resetting all passwords and suspending Sega Pass for the time being. The company says it will communicate when the service becomes available. "We sincerely apologise for this incident and regret any inconvenience caused." It recommends contacting customer support with further questions.

Though the hacker group LulzSec has claimed responsibility for a string of recent attacks, it isn't taking credit for this one. In a tweet, it asks Sega to contact them. "We want to help you destroy the hackers that attacked you," it read. "We love the Dreamcast, these people are going down."

Editor-In-Chief
Filed Under
From The Chatty
  • reply
    June 17, 2011 11:45 AM

    Steve Watts posted a new article, Sega Pass hacked, users warned to change passwords.

    Sega has sent out a notice to Sega Pass users that its database has been compromised. Hackers obtained e-mails, dates of birth, and encrypted passwords, but not credit card information.

    • reply
      June 17, 2011 11:52 AM

      LOOOOOL @ We want to help you destroy the hackers that attacked you, We love the Dreamcast, these people are going down.

    • reply
      June 17, 2011 12:09 PM

      Aw come on.

    • reply
      June 17, 2011 2:20 PM

      I .. .. why would you want to help sega but attack notch ..

    • reply
      June 17, 2011 2:33 PM

      I got this email, and I'm not sure why I even have a Sega Pass account. No clue what I might have used that for.

      • reply
        June 17, 2011 2:34 PM

        [deleted]

        • reply
          June 17, 2011 2:53 PM

          It really should be standard internet policy to delete accounts that are not being paid for after a period of inactivity like, lets say 2 years. If you haven't used the service/login/whatever in 2 years you're probably not coming back anytime soon.

          • reply
            June 17, 2011 2:55 PM

            I can't remember ever paying for any of their online services...

            Could it be I created it to play Phantasy Star Online? But I played that on the Gamecube and never got the ethernet adapter thing... I have no clue. :(

            But all these attacks does make me ponder that I should start using some system to have random strong and unique passwords for all my logins, I do reuse a handful of them all over the place.

      • reply
        June 17, 2011 2:58 PM

        [deleted]

      • reply
        June 17, 2011 4:18 PM

        Phantasy Star Online?

    • reply
      June 17, 2011 6:00 PM

      wow what's up with the hackfest on the game industry? people need to back off.

      • reply
        June 17, 2011 6:06 PM

        The huge push for "games as a service" led publishers to set up tons of "social club" sites and force DLC tie-ins. That's like ringing the dinner bell for hackers who want fresh lists of email addresses and credit card numbers. If the infrastructure was set up in a rush to coincide with game releases or new game initiatives, they're probably not the most secure frontends.

    • reply
      June 18, 2011 1:01 PM

      The one thought that popped into my head

      Maybe the companies aren't sending out these emails, but the Hackers simply h4x0r1n9 into the site to send out a mass email that SAYS change your stuff, so they aren't really hacking much info?!?!

      nah.

Hello, Meet Lola