Sega has told gamers that some of their personal information may have been stolen following an attack on its systems.
E-mail addresses and dates of birth stored on the Sega Pass database were accessed by hackers.
But payment information, such as credit card numbers, remained safe as it was handled elsewhere, Sega said .
The hacking group Lulz Security appeared to deny involvement, despite leading a wave of recent cyber attacks.
In an e-mail sent to Sega Pass users, the company wrote: “Over the last 24 hours we have identified that unauthorised entry was gained to our Sega Pass database.
“We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.”
Sega explained that it had reset all passwords and urged customers to change their log-on details on other services and websites where they used the same credentials.
It added that password details had not been stored in plain text, suggesting that they may have been secured by some kind of encryption.
Sega is the latest in a line of games companies to suffer hacking and denial of service attacks on their online services.
Nintendo, Sony and several multi-player gaming communities have been hit in recent months.
The hacker group Lulz Security, which has been involved in a number of high profile attacks, showed some sympathy for Sega on its Twitter feed.
“We want to help you destroy the hackers that attacked you. We love the Dreamcast, these people are going down,” wrote LulzSec.