SEGA reveals hacking of SEGA Pass sites
Update: 1.3 million SEGA Pass accounts compromised
SEGA has confirmed via a press release that 1.3 million SEGA Pass accounts had details compromised during a hacking attack earlier this month, with the data stolen consisting of names, email addresses, dates of birth and encrypted passwords.
The publisher also made clear that no financial information whatsoever is kept in the affected databases.
SEGA has issued an email explaining that its SEGA Pass suite of websites, including its game forums and press resource sites, has been hacked, although no confidential information appears to have been stolen.
The email warns users to change any similar user/password combinations but reassures that no financial information was compromised and all passwords were stored encrypted.
"As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June," reads the mail.
"Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.
"We immediately took the appropriate action to protect our consumers' data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.
"We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.
"Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion."
No indication of whether the attack was perpetrated by Lulzsec, the group which admitted to hacking Bethesda, but it is assumed to be part of the ongoing series of attacks on gaming companies and websites.