Sega’s Sega Pass database was hacked and has remained offline since Thursday, reports said, adding to the list of game developers and other companies whose security has been compromised.
The system has been down since Thursday, according to an email reportedly sent to the members of the system. That email was reprinted by PlayStationLifeStyle.net and other sites.
Messages left with members of Sega’s public-relations team were not returned by press time.
“As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June,” the email begins. “Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.
“We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained,” Sega added. “To stress, none of the passwords obtained were stored in plain text.”
Payment information was not compromised, according to the memo that PlayStationLifeStyle.net published, as Sega uses external payment providers. Sega automatically reset user passwords, it said, but warned users to be suspicious of emails that ask for personal information.
Sega Pass serves as a way for Sega to distribute free content to customers, including demos and mini-games, plus a monthly newsletter and a support line. It is free to join, although the Sega Pass site was down at press time.
In its place, Sega posted a message: “SEGA Pass is going through some improvements so is currently unavailable for new members to join or existing members to modify their details including resetting passwords,” Sega said. “We hope to be back up and running very soon. Thank you for your paitence [sic].”
The Sega forums were also offline to “carry out some essential maintenance,” a note posted on the site said.
It wasn’t immediately clear who, if anyone, took credit for the hack.
LulzSec, which has targeted gaming company Bethesda Softworks, the Web site for CCP Games’ EVE Online as well as Minecraft and Escapist Magazine, has attacked gaming companies at the behest of a call-in line. But the LulzSec Twitter account was silent Friday, after an all-day session in which the group’s representative or members sent messages to supporters after LulzSec leaked about 62,000 usernames and passwords.
However, LulzSec denied responsibility. “@Sega – contact us. We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down,” the group posted on its Twitter feed.
Meanwhile, Spanish police have arrested alleged “Anonymous” members, followed by 32 more arrests by Turkish police.
On Friday, the only message on the AnonOps Web site was a message condemning censorship by the Turkish government.
Editor’s Note: This story was updated at 10:43 AM with additional comments from LulzSec.
For more from Mark, follow him on Twitter @MarkHachman.
For the top stories in tech, follow us on Twitter at @PCMag.