Sega Gets Hacked; Game Companies Aren’t Getting the Hint

By  |  Monday, June 20, 2011 at 5:10 pm

Sega’s best customers — the ones who’ve signed up to receive information about the company’s products  — are now the victims of yet another attack on a game publisher.

The hack affects nearly 1.3 million people, whose names, e-mails, dates of birth and encrypted passwords were stolen, Sega says, but no payment information was compromised. Sega has taken its Sega Pass system offline for now, has reset all passwords and is warning users to change their login information at any site where they use the same username and password — in other words, the usual precautions.

Unfortunately, Sega is not the first company to succumb to hackers, and I’m not just referring to the attacks on Sony that collapsed the Playstation Network and Sony Online Entertainment in April. So far this month, at least a half dozen game publishers have been attacked, and five of those incidents resulted in stolen user information.

Let’s recap:

  • June 5: Nintendo reports that hackers targeted one of the company’s U.S. affiliate servers, but no user data was lost.
  • June 9: Epic Games confirms a breach of its forums, telling users that their e-mails and encrypted passwords were probably compromised.
  • June 10: Codemasters tells the BBC that hackers stole thousands of users’ personal data and passwords. The company’s website remains offline 10 days later.
  • June 13: Bethesda gets attacked, with now-infamous hacker group Lulzsec claiming responsibility. The group decided not to release the details of 200,000 users because it liked the 2005 game Call of Cthulhu.
  • June 16: Bioware says a decade-old community server for the game Neverwinter Nights was attacked, and login details for up to 18,000 people may have been taken.

While the root of the problem is the hackers themselves, when companies ask for your personal information, the burden is on them to protect it. Ideally, these game publishers and developers would have seen what happened to their peers and taken precautions before getting attacked themselves. Obviously, they lack the resources, desire or ability to do so.

Pseudonyms and spam e-mail addresses are looking like better options all the time.



2 Comments For This Post

  1. @Kwpolska Says:

    The Nintendo `attack' is anywhere near something serious, so you shalln't include it here.

  2. Rena Says:

    so what happened to the people who hacked Sega, did they get caught?