Sega Europe had to scramble after it was found that one of its servers had left sensitive files open to public access. The house of Sonic worked closely with security researcher Aaron Phillips from VPN Overview to address the problem.
The misconfigured server hosted several sets of AWS (Amazon Web Services) access keys, which could have granted a potential threat actor access to many of the company's cloud services.
The researchers also noted that it was possible to run scripts or upload files to domains owned by Sega Europe, and this could have impacted pages for franchises like Sonic the Hedgehog, Bayonetta, Total War and even the main Sega landing page.
Worse, Sega stored user data and credentials on this server, which could have affected hundreds and thousands of users. Thankfully, the problem was contained quickly and no evidence of any breach was found.
According to VPN Overview's report, a malicious actor could have used the compromised server to distribute ransomware. It also created an epicenter for a larger second attack, since many third-party sites link to Sega servers for official versions of an image or a file.
"Companies have to keep their public and private cloud separate," said Phillips.
"Companies regularly accidentally leave private credentials in their public cloud, which causes breaches," he added.
He also said private cloud storage should be sandboxed and access to it should be segmented.