SEGA Narrowly Avoids Massive Data Breach on Their EU Servers | #cloudsecurity | #cybersecurity | #infosecurity | #hacker



SEGA’s Cloud Security Almost Wasn’t

It seems like SEGA had a bit of an oopsie-doopsie waiting to happen. Luckily for us, that event never came to pass. Their supposedly-secure information was stored in a publicly-accessible Amazon Web Services bucket. Not intentionally, mind you, but it still happened. With a few unseen lapses in SEGA’s cloud security, all that information could have been exposed. Technical details here – this is just the plainspeak version.

Impacted domains included the landing pages for several franchises published by SEGA. Those being Sonic the Hedgehog, Total War, and Beyonetta. And as if that wasn’t bad enough, the vulnerability affected SEGA’s official website too. The security gap was discovered and breached by a team of researchers before any malicious actors could venture in.

On top of that, an improperly-stored Mailchimp API key could have given hackers access to a ton of email lists, linked IP addresses, and passwords.

As of yet, there’s no evidence that outside hackers tampered with this data. So, breathe easy. Imagine the kind of damage that could have been done if official-looking sources suddenly became hostile to users. With the brand recognition of Sonic the Hedgehog, coupled with its younger userbase, things could have gotten out of hand fast. And even if you never visit those websites very often, the email breach could have sent malicious actors straight to you. Luckily, companies hire white hat hackers for a reason, and they’re good at what they do.

Apparently, vulnerabilities of this sort are shockingly common. Groups like Sennheiser and even the government of Ghana had to solve this very same problem. While the impact could has been massive, the repair efforts can follow a well-worn path. Patches have since been deployed on SEGA’s end. You won’t have to worry about this vulnerability causing grief any time soon.

SOURCE, SOURCE



Original Source link

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW