SEGA Europe Left AWS S3 Bucket Open to Attack, Exposing Data And Infrastructure

SEGA Europe Left AWS S3 Bucket Open to Attack, Exposing Data And Infrastructure

According to cybersecurity company VPN Overview, gaming giant SEGA Europe mistakenly left customers’ personal information publicly accessible on the Amazon Web Services (AWS) S3 bucket towards the end of the year.

Multiple sets of AWS keys, as well as MailChimp and Steam keys, were found in the insecure S3 bucket, which might have allowed threat actors to access numerous of SEGA Europe’s cloud services under SEGA’s identity.

“Researchers found compromised SNS notification queues and were able to run scripts and upload files on domains owned by SEGA Europe. Several popular SEGA websites and CDNs were affected.” as per the report issued by VPN Overview.

User data, including information on thousands of members of the Football Manager forums at, may be accessed via the unprotected S3 bucket. These are the problems discovered in SEGA Europe’s Amazon cloud:

  • Steam developer key
  • RSA keys
  • PII and hashed passwords
  • MailChimp API key
  • Amazon Web Services credentials

As per the security company, there is no evidence that malicious third parties have previously accessed the sensitive data or exploited any of the listed vulnerabilities. Researchers revealed that they were able to upload files, run scripts, edit existing web pages, and change the settings of severely susceptible SEGA domains.

The impacted domains include,,,, and The domain authority scores of several afflicted domains are high. The hacking of several of the company’s domains would have allowed attackers to use SEGA’s infrastructure to spread malware.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.