Sega left one of its European servers wide open
2 min readWhat can be a damaging violation on one of the Sega servers seems to have been closed, according to a report by the VPN security company reviews. USMON AMAZON Web which configures the S3 bucket configuration contains sensitive information that allows researchers to arbitrarily upload files to the Sega-owned domain plot, and credentials to misuse the e-mail list of 250,000 users.
The affected domain includes official landing pages for large franchises, including Sonic The Hedgehog, Bayonetta, and Total War, as well as SEGA.com sites themselves. VPNO can run scripts that can be executed on these sites which, as you can imagine, will be very bad if this violation has been found by evil actors instead of researchers.
The Key API MailChimp which is stored incorrectly gives VPNO access to the email list mentioned above. The email itself is available in plaintext with the related IP address, and a password that can be examined by the researchers. According to the report, “A malicious user can distribute Ransomware very effectively using the compromised EMAW and SEGA Cloud services.”
So far there is no indication that bad actors took advantage of this vulnerability before VPNO found and helped Sega to fix it. Sega Europe is not available for comments.
Bucket S3 incorrect configuration, unfortunately, a very common problem in information security. Similar errors this year have affected Sennheiser’s audio companies, senior advisors, peopsgis, and Ghana government. Sega is a target of major attacks in 2011 which leads to exfiltration of information that can be identified personally related to 1.3 million users. Fortunately, the European server whose configuration does not produce similar incidents.
About Author
