Feeds

Sega’s saggy security

1.2m user details hacked

Top three mobile application threats

The latest victim of a large scale attack is Sega Corp, which has admitted that security of its Sega Pass website database in Europe had been compromised. The personal information on all of its 1,290,755 registered users has been stolen.

Sega sent an email on Friday alerting the affected users, who are mostly based in Europe and North America, of the situation. Sega told customers that a subset of Sega Pass members' email addresses, dates of birth and encrypted passwords were obtained, However, since Sega uses external payment providers, no personal payment information was obtained in the hack.

The Sega Pass system has been offline since Thursday, June 16. Currently this message appears, “SEGA Pass is going through some improvements so is currently unavailable for new members to join or existing members to modify their details including resetting passwords. We hope to be back up and running very soon.”

The company warned users that if the same login information is used for other websites or services, they need to be changed immediately.

No hacking group has been publicly associated with the breach yet but LulzSec, who have taken credit for the very recent attack on the Sony group which affected up to 100 million people, tweeted to Sega on Friday: “@Sega - contact us. We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down.”

Meanwhile LulzSec celebrated its 1000 tweet on Friday with an insight into the chaos collective’s manifesto.

Boasting of their attacks on several targets including “PBS, Sony, Fox, porn websites, FBI, CIA, the U.S. government, online gaming servers (by request of callers, not by our own choice), Sony again, and of course our good friend Sony,” the group defended its activities as the new digital order: “This is the Internet, where we screw each other over for a jolt of satisfaction.”

The group claims that its havoc-chasing is just a natural phenomenon to emerge out of the internet generation which is “attracted to fast-changing scenarios, we can't stand repetitiveness, and we want our shot of entertainment or we just go and browse something else, like an unimpressed zombie.”

It raises the ominous point that their acts should serve as a wake up call to the 'in-security' of online data, everywhere. “Do you think every hacker announces everything they've hacked? We certainly haven't, and we're damn sure others are playing the silent game. Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts? …You are a peon to these people. A toy. A string of characters with a value,” LulzSec states. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.