According to a report from the cybersecurity company VPN Overview, Saw he left opened a server, with the risk that approx 250,000 accounts of its users were stolen by some attacker. Now it appears that the flaw has been closed, but the underlying problem remains.
The Amazon Web Services S3 had configuration errors that gave access to sensitive information and could have allowed malicious users to upload data to different Sega domains, as well as give them access to a list of approximately 250,000 emails.
THE domains involved involved some of Sega’s flagship franchises, including Sonic the Hedgehog, Bayonetta, and Total War, as well as Sega.com itself. VPNO was able to successfully run scripts executable on these sites, obviously harmless. But imagine what hackers could have done if they discovered the flaw.
To give access to the list of e-mail it was the key to a badly preserved Mailchimp API. The emails displayed the text, as well as associated IP addresses and passwords. According to VPNO, anyone could have distributed ransomware very effectively using Sega email and cloud services.
Fortunately, it seems that VPNO was the first to discover the problem, then helped Sega to fix it, and that no attackers had access to the server. The Japanese multinational did not comment on the incident of its own.
#Sega #left #server #open #putting #security #accounts #risk