Gamasutra: E Zachary Knight's Blog - Sega Has Been Hacked; Shows Up Sony

GAME JOBS

updates

Blogs

events

contractors

newsletter

store


	View All Post a Job RSS

	June 7, 2013

		LeapFrog Game Designer

		YAGER Development Senior Game Systems Designer (f/m)

		RealTime Immersive, Inc. Animation Software Engineer

		Havok Havok- 3D Software Engineers (Relocate to Europe)

		Treyarch / Activision Senior Environment Artist

		Social Point Senior Game Developer

Sega Has Been Hacked; Shows Up Sony
by E Zachary Knight on 06/17/11 01:22:00 pm

Post A Comment

The following blog was, unless otherwise noted, independently written by a member of Gamasutra's game development community. The thoughts and opinions expressed here are not necessarily those of Gamasutra or its parent company.

Want to write your own blog post on Gamasutra? It's easy! Click here to get started. Your post could be featured on Gamasutra's home page, right alongside our award-winning articles and news stories.

Today, I looked at my email and found an email from Sega with the subject line, "Important information regarding your SEGA Pass account"

So I took a look. It turns out that Sega's servers were hacked and personal information has been compromised. This has been happening a lot recently. It started with Sony and has moved quickly to other game companies. There isn't really a pattern to the companies other than the majority of them are game related.

I don't really feel like going into any of the details or potential motives or suspects. What I want to get at is that Sega is emailing me 1 day after they took their services offline. Sony took 3 weeks. In fact, Sony was telling the press that they contacted all their PSN customers about the breach within the first week, but it wasn't until 3 weeks after the first reports that I got my notification email.

So what's the deal? Why did it take Sony 3 weeks and Sega only 1 day? Was it the shear number of users effected? Maybe, but I don't think it should take 3 weeks for all people to get a notification email, especially when Sony is saying otherwise.

So, I'll leave it at that. For those curious, here is the email I got today:

Dear Zachary,                                 

As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday
16 June.

Over the last 24 hours we have identified that unauthorised entry was gained to our
SEGA Pass database. 

We immediately took the appropriate action to protect our consumers’ data and
isolate the location of the breach. We have launched an investigation into the
extent of the breach of our public systems.

We have identified that a subset of SEGA Pass members emails addresses, dates of
birth and encrypted passwords were obtained. To stress, none of the passwords
obtained were stored in plain text.

Please note that no personal payment information was stored by SEGA as we use
external payment providers, meaning your payment details were not at risk from this
intrusion.

If you use the same login information for other websites and/ or services as you do
for SEGA Pass, you should change that information immediately. 

We have also reset your password and all access to SEGA Pass has been temporarily
suspended.

Additionally we recommend you please take extra caution if you should receive
suspicious emails that ask for personal or sensitive information.

Therefore please do not attempt to login to SEGA Pass at present, we will
communicate when the service becomes available.

We sincerely apologise for this incident and regret any inconvenience caused.

We are contacting all our members with these recommendations.

If you have any further questions please contact SEGA customer support on:
mailto:csescalations@sega.com

(reposted from my blog ezknight.net)

Comments