Sega has responded to the attack on its Sega Pass gaming network, saying that data belonging to more than a million of its customers was stolen. The attack on Sega, which came to light last week, is the latest in a string of such compromises of gaming and media companies.
The Sega Pass attack apparently did not involve any payment or credit card data, but it did expose quite a bit of other data, including names, email addresses and birth dates of Sega Pass customers. In a statement on the Sega Pass site, the company simply said that the gaming network is offline and that customers can not access their accounts.
“SEGA Pass is going through some improvements so is currently
unavailable for new members to join or existing members to modify their
details including resetting passwords. We hope to be back up and running very soon. Thank you for your patience,” the statement said.
But on Sunday, a Sega spokesman told Reuters that the company had discovered that the breach affected about 1.3 million people.
“We are deeply sorry for causing trouble to our customers. We want to
work on strengthening security,” said Yoko Nagasawa, a Sega
spokeswoman, told Reuters.
The Sega Pass attack is just the latest in a series of similar attacks on organizations such as Sony, the Senate, the CIA and others over the last few weeks. A group called LulzSec has claimed responsibility for many of the attacks, but in an odd twist, the group has publicly offered to help Sega find out who attacked the Sega Pass network because they are fans of the company’s products.