So you have read the news about SEGA being the latest victim in a string of cyber attacks that have seen many huge corporations being forced to take their servers offline in a bid to perform damage control and prevent hackers from further compromising any more personal information. However, in this case, SEGA can probably thank its lucky stars that it did not suffer the same kind of damage and data loss that some of its fellow victims have faced; while the company did not deny that it did lose a huge chunk of personal information as a result of a successful attack on one of its databases, it has also assured users that the most important piece of information, which is the credit card details of its subscriber base, was still safely secure in its servers.
According to a report posted by ZDnet, SEGA has confirmed that the attack has resulted in its SEGA Pass service being forced offline, and that the information that had been stolen as a result of the attack consists of personal information such as names, dates of birth, email addresses and passwords that that subscribers typically use to access the service, although it was quick to point out that the damage is not as severe as most people may have imagined it to be. For example, the company has revealed that the stolen passwords stored in its database were encrypted and not stored in plain text; as such, hackers or individuals in possession of those passwords will have their work cut out of them in the form of decrypting the information in order to obtain a subscribers original passphrase. And even then, SEGA is clearly taking no chances, having taken additional measures to prevent unauthorised access by resetting the passwords for all its subscribers, so the possibility of having someone successfully gaining access to SEGA Pass with a stolen password is decidedly slim. More importantly, SEGA also revealed that the server used to store its subscribers credit card information is in the custody of an external service provider, and was therefore safe from the attack.
However, it would seem at least one prominent hacker group does not condone such actions, and has gone out of its way to offer SEGA its assistance in finding and exacting vengeance on those hackers who perpetuated the attack. Indeed, a quick look at LulzSecs twitter page reveals that the hacker group does mean business this time round:
By the way, just for the record, a total of 1.3 million accounts were compromised in the recent attack against SEGAs database. Now that is definitely food for thought.
Source: ZDnet, Twitter