Video game company Sega had a and sensitive information on about 1.3 million customers has been compromised, according to media reports.
The database of the Sega Pass website includes customer names, dates of birth, e-mail addresses, and encrypted passwords.
Various media outlets have been able to confirm the attack with officials from the Japanese company. The news site Playstation Lifestyle posted the text of an e-mail that Sega reportedly sent to Sega Pass registered users on Friday night informing them of the breach.
In the letter, Sega stresses that passwords weren’t stored in plain text, but rather encrypted, and that payment information wasn’t involved in the incident.
Still, the company recommends that people who use the same e-mail/password combination to access other websites that they used for Sega Pass proactively change those passwords. (See also Lulzsec E-Mail Hack Proves We’re Lousy at Picking Passwords.”)
Customers should also be on the lookout for suspicious communications asking for personal information, as they may be attempts to involve them in fraudulent transactions using the compromised information, the company said in the letter.
The company already disabled the Sega Pass website temporarily while it investigates the incident and has reset all passwords.
The breach is the latest large-scale hacking incident to happen in recent months. Sony has had several systems compromised, most infamously its Playstation Network and Qriocity service, exposing personal and credit card information on millions of customers. Citibank also fell victim to a hack attack that compromised credit card data, as well as U.S. government agencies
The LulzSec hacker group has reportedly offered to help Sega in its investigation.