71,000 Account Credentials Exposed in the Minecraft World Map Hack
Over 71,000 user accounts and IP addresses have leaked online in another data breach affecting the gaming industry. These accounts have been leaked from the fan website Minecraft World Map.
Reported by the popular Australian security researcher, Troy Hunt, the data dump includes email addresses, IP addresses, user names, and passwords of the affected users. Hunt clarified that login passwords included in the dump were salted and hashed. Minecraft World Map is popular among gamers who use the site to share their in-game developed worlds.
Breached in January, Minecraft hack went unreported
The website was breached in January this year. But, the hack was not publicly reported. “In approximately January 2016, the Minecraft World Map site designed for sharing maps created for the game was hacked and over 71k user accounts were exposed. The data included usernames, email and IP addresses, along with salted and hashed passwords,” Hunt wrote on his website.
Security expert also verified the Minecraft hack dump on his online service HaveIBeenPwned.com. The data of over half of the compromised accounts were already listed in the service. Hunt’s website hosts the data dumps and allows users to discover if their accounts have been compromised in a data breach.
— Have I been pwned? (@haveibeenpwned) August 29, 2016
This is one of the latest incidents reported in the gaming industry, following security vulnerabilities in the vBulletin platform that exposed over 27 million accounts in total. Earlier in the year, we also saw the fan site Lifeboat for Minecraft: Pocket Edition getting hacked. The hack had exposed over 7 million fan accounts.
Users of the affected fan site should reset their passwords on the Minecraft World Map and on any other sites where they have used same login credentials. You can also use HaveIBeenPwned.com to check if your account details have been compromised.