UPDATE: Added SEGA’s official word on this below.
And yet it goes on. We might as well just have a ticker tape at the top of the site saying who’s been hacked, it’ll be quicker than posting every time… Latest game firm to suffer a security breach/attack is SEGA. It’s not just a DDoS this time though – their online gaming service SEGA Pass has been broken into, and details made off with. “We have identified that a subset of SEGA Pass members’ emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text,” says the publisher. SEGA Pass seems to involve plenty of PC games, including stuff like registering for info on Total War and stuff like that, so it’s more than possible you’ve signed up at some point without entirely realising.
Lulzsec have claimed they’re not responsible for this one, which raises the alarming idea that there’s more than one group of people up to this kind of thing. SEGA have automatically reset everyone’s password already and taken the service offline for the time being, but if you’d signed up for one or some of their sites/games with login details you use for other stuff, you’d better go change everything. Again. You know the drill by now, right?
Read the rest of this entry »