NEWS
NEWS
NEWS
Minecraft server data breach leaks the personal information of 7 million unaware users
Minecraft is a fun and incredibly popular game, with an active user base and several communities dedicated to it. Unfortunately, one of those communities has been struck by hackers, as a Lifeboat data breach resulted in the theft of over seven million Minecraft gamers’ user information.
Lifeboat, a small company that runs a server for the mobile version of Minecraft, was hacked some time in January. Softpedia reports that the company triggered a “silent password reset” in response, so as to presumably protect user data.
That, however, is not the same as actually contacting users about the data breach, many of whom did not actually receive a password reset notification. In fact, Motherboard reports that many victims of the breach were not aware it had occurred at all, as they were never contacted.
As such, millions of users were unaware that their information was being sold on the Dark Web, including usernames, email addresses, and passwords. The good news is, the free-to-play game did not have any financial information. It does not collect personal information, such as names or addresses, so identity theft will not be an issue.
The passwords, however, were hashed by MD5, which is incredibly easy to break. While Lifeboat now uses a stronger hashing algorithm, those already leaked have no further protection. As many people tend to use identical or similar passwords across multiple sites and accounts, it would be easy for any of the thieves to break into a victim’s email account or any other website using a similar password.
As Motherboard notes, it’s important to use unique passwords on every account. That way, when a theft such as this occurs, only one account will be compromised. Security experts Alexa Huth, Michael Orlando, and Linda Pesante agree, in the United States Computer Emergency Readiness Team document “Password Security, Protection, and Management.”
“Even if the attacker gets the password for a relatively non-sensitive account; he or she can reuse it on sites where, for example, billing, payment, health, and other private information is stored. Using the same pattern for your passwords is also risky. By learning your current password structure, attackers can increase theirchances of guessing passwords for critical websites such as your bank account or your company’s email account.…“Use a different password for each website you access. A password manager — essentially an encrypted database— can help you store all these unique passwords and passphrases in one safe, well-protected place.”
There are many factors to consider when regarding password managers, such as cost and risks, but it’s better than using the same password every time.
With that in mind, Minecraft users on the Lifeboat server can safely start changing their passwords. It is unfortunate that Lifeboat did not think to notify its users, but the damage is done, and recovery can begin.
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
