Sega’s Pass service – which was pwned on Thursday by hackers – remains offline as of Friday afternoon.
Although personal user info appears to have been compromised, critical “payment” data remains intact and unscathed by the digital raid.
“Over the last 24 hours we have identified that unauthorized entry was gained to our SEGA Pass database. We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach,” the company confirmed in an official e-mail to customers.
“We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text. Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.”
Unsurprisingly, Sega has reset all passwords and temporarily suspended access to its Pass system until further notice.
“We recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information. Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available. We sincerely apologize for this incident and regret any inconvenience caused,” the corporation added.
In an ironic twist, the hacker group known as Lulz Security has offered its repertoire of services to Sega in an effort to catch and punish the unknown perpetrators.
“@Sega – contact us,” a LulzSec rep tweeted earlier this morning.
“We want to help you destroy the hackers that attacked you. We love the Dreamcast [and when we find them] these people are going down.”