Sega announced earlier on Friday that they had detected an "unauthorized entry" into its database. The company quickly emailed all of its Sega Pass members, recommending they change their log-in information.
"We immediately took the appropriate action to protect our consumers' data and isolate the location of the breach," read the statement. "We have launched an investigation into the extent of the breach of our public systems.
"We have identified that a subset of Sega Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.
"Please note that no personal payment information was stored by Sega as we use external payment providers, meaning your payment details were not at risk from this intrusion," stressed Sega. "We sincerely apologise for this incident and regret any inconvenience caused."
Sega also cautions users not to log into the forums until they send out a notification that the service is back up and safe to use. For the moment, no one is sure who is responsible for this or if LulzSec is behind the attack. Sega tells Eurogamer that it isn't able to comment on the culprits as "internal investigation is ongoing."
"We take the security of our customers data very seriously and constantly review our security measures. The protection of data is an evolving process, as new defences are created so new threats emerge. We will make all improvements necessary as a result of this intrusion."