Sega Pass database hacked, birthdates, passwords stolen

[security curmudgeon <jericho () attrition org>]

http://www.geek.com/articles/games/sega-pass-database-hacked-birthdates-passwords-stolen-20110617/

Sega Pass database hacked, birthdates, passwords stolen
Jun. 17, 2011 (2:12 pm) By: Alan Henry

The hacking spree that all started with the monumental breach at Sony 
continues, and Sega is the latest victim.

Sega has reported to users of its Sega Pass service that their network was 
compromised, and while they don't indicate how many users were impacted or 
how much data was compromised, they've already reset user passwords and 
shut off access to the Sega Pass service while they investigate.

Sega notes in their statement that no personal or financial information 
was stored in their database, and that while intruders were able to gain 
access, the most they would have made off with were birth dates, 
usernames, e-mail addresses, and encrypted passwords that they would have 
to decrypt to use. They do mention, however, that the information stolen 
only represents a "subset of Sega Pass members". That's likely no 
consolation to the members whose information was stolen - especially as 
Sega's announcement doesn't let us know how large or small that subset is.

[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/