Sega Europe could easily have been an a. can fall victim Data leak As a security researcher recently discovered that the company is storing sensitive files on an insecure publicly accessible database.
Researchers at the security company VPN Overview found the files in question on a misconfigured Amazon Web Services (AWS) S3 bucket. They were also able to obtain multiple sets of AWS keys that gave them read and write access to Sega Europe’s Cloud storage.
In addition to sensitive files, the misconfigured S3 bucket it contained was also used to Host websites for a number of popular Sega properties including Sonic the Hedgehog, Bayonetta, Football Manager, and Total War, as well as the Sega official site. A total of 26 publicly accessible Domains controlled by Sega Europe.
The researchers from VPN Overview were able to upload files, execute scripts, change existing websites and configure critically vulnerable Sega domains according to a. to change new report.