JAKARTA - Sega Europe's data was likely easy to hack. Security researchers found that the company had left sensitive files stored insecurely in publicly accessible databases.

According to a report by researchers at VPN Overview, the files in question were stored in a misconfigured Amazon Web Services (AWS) S3 bucket. The researchers were also able to obtain multiple sets of AWS keys that granted read and edit access to Sega Europe's cloud storage.

In addition to holding sensitive files, the misconfigured S3 buckets were also used to host websites for a number of popular Sega properties, including Sonic the Hedgehog, Bayonetta, Football Manager, and Total War, as well as the official Sega website itself.

In total, 26 public domains controlled by Sega Europe were affected. Researchers were also able to upload files, run scripts, modify existing web pages, and modify Sega's highly vulnerable domains.

As reported by TechRadar on Friday, December 31, during the investigation the VPN Overview team recovered API access to the MailChimp email marketing software, which gave it the ability to send emails from the address [email protected].

The team then sent several messages to test its access. Every email sent appeared legitimate and used TLS encryption.

From there, the researchers could modify existing MailChimp templates and even create their own. Because all emails sent this way to Football Manager users would be valid and would pass email security checks, cybercriminals could have used this access to launch phishing campaigns had it not been fixed immediately.

Furthermore, the VPN Overview team was able to upload and replace files across Sega's three content delivery networks (CDNs). Third-party websites often link to the company's CDN for official versions of images or files, and an additional 531 domains were linked to the affected Sega Europe CDN.

As a result, attackers could have abused the company's CDNs to distribute malware and ransomware to users. After discovering the misconfigured Sega Europe S3 bucket, VPN Overview responsibly disclosed and explained its findings to the company, which then immediately secured the database and all of its affected cloud services and software.

