Minecraft fan site hacked

Email addresses and hashed passwords for up to seven million accounts on the Minecraft community website Lifeboat have been lifted and leaked online by hackers.

The site's security was breached in January, but its administrators responded only by forcing a password reset without giving players any clue anything was wrong.

The hack only came to light after security researcher Troy Hunt noticed sales of bundles of stolen data from the website's database on the dark web. Hunt and other researchers are highly critical of Lifeboat’s handling of the breach. The passwords were hashed by Lifeboat but were not salted, leaving them easy to crack once exposed. ®

Biting the hand that feeds IT © 1998–2021