The hacking spree currently afflicting video games companies has continued with the theft of the personal information of 1.29 million users of Sega Pass. This is the fourth hack in the industry in just a few months after the high profile theft of data from Sony’s Playstation Network, Nintendo and Codemasters.
The data included names, addresses, email addresses and passwords. The site provides promotional material from Sega as well as allowing users to purchase games. Sega have reassured their customers that no credit card information was stored; however the data taken can be used for phishing attacks to acquire bank details. It has now been temporarily suspended while Sega attempt to investigate how the intrusion occurred. They have released the following statement:
“We sincerely apologise for troubles this incident has caused to our customers. An investigation has been launched to find the cause and channels used for the leakage.”
The website currently shows a message reading:
“SEGA Pass is going through some improvements so is currently unavailable for new members to join or existing members to modify their details including resetting passwords. We hope to be back up and running very soon. Thank you for your patience.”
There is no mention of the hack on the website. The hacking group LulzSec, who admitted responsibility for the hack on Sony, have denied involvement in the incident. The ICO have so far made no comment about the intrusion, despite Sega Pass being based in London.