SEGA is the latest victim in a long and seemingly unending string of information breaches. SEGA Pass was taken offline last Thursday after the breach was discovered. The hackers collected the personal information of SEGA’s 1.3 million users. This includes email addresses, home addresses, dates of birth and their encrypted passwords. In an email to its users, SEGA stressed that the passwords were encrypted, not stored in plain text. It is not known, however, if the passwords encryption was strong enough.
SEGA reiterated that the victims’ personal payment information was not at risk, as it uses external payment providers. In its disclosure of the security breach, SEGA warned members of the SEGA Pass network to be wary of suspicious emails that ask for personal and sensitive information.
The firm is currently handling two class action lawsuits related to the disclosure of confidential information.