Sega Security Breach Unleashes Unleashed

Sega Security Breach Unleashes Unleashed

by March 28, 2008

Sega Security Slip UpGaping hole in FTP site now patched

It was not a hack so much as it may have been a generous or, perhaps, careless Sega employee that led to last weekend’s steady stream of screenshots and video regarding the upcoming Sonic Unleashed

The game has not been officially announced yet, and Sega has been trying to bring the fever pitch on speculation back to a dull roar, even going so far as to have copies of the trailer video pulled from major sites like GameTrailers.  There is still one site that has the video and additional information available.  It’s a long standing Sonic fan site, and its current owner has no fear of legal ramifications.

Sonic Cult has available the trailer for those still itching to take a look, in high quality or streaming, as it does the new render of Sonic and as TSSZ News’s Andrew Paulson recently reported, full resolution magazine scans to be in upcoming issues of Europe’s Official Nintendo Managine and Play.  Of more interest to the gaming community is the post that preceded, also written by current administrator Sazpaimon, and it may explain why he is not fearful of Sega coming after him.

“Way to go knuckleheads, you left your PR ftp wide open for everyone to see,” Sazpaimon wrote in part.  The excerpt followed screenshots of a confidential Sega of America document, detailing private FTP information for editors of major gaming magazines to access.  For a time, that document was on the public side of Sega’s FTP, allowing anyone interested (and who knew Sega’s public FTP address for press materials) to access the information.  No hacking was necessary; the details were out in the open. 

Sazpaimon then went to town.

“I’d say we were both the primary source for all this stuff,” he told TSSZ News when reached for comment, the we referring to both he and German site Sega On, who released the screenshots and video just before he did on Sonic Cult.  He continued, “I found that doc file in a publicly available folder on the Sega FTP, those Sega On people must have also done it, they were just a little quicker on the posting trigger than I was, I guess.”

Beyond what he found just before Sega stepped up security and closed their FTP holes, he didn’t find much more than what he’s disclosed.

“I’ve been trying to pull as many strings as I can with little success,” Sazpaimon continued in a follow-up E-Mail to TSSZ News.  “As far as the facts go, we don’t know much.”  However, he did tip TSSZ News to look out for the May editions of Play and ONM, citing their receipt of the custom Jekyll and Hyde esque artwork for their magazine covers.

In the interim, Sazpaimon has published the contact information for Miyuki Friedman, the IT representative at Sega of America who, as the company’s Network Administrator, may be responsible for the security gaffe.  He quips on his Sonic Cult post: “You should call that person and personally thank them for helping everyone out like that.”