Millions of Minecraft Community Lifeboat account data has been stolen
Account data of more than seven million members of the Lifeboat community for the Pocket Edition of Minecraft has been traded since January 2016. The hack took place months ago but has only now been disclosed.
It’s not about Minecraft accounts, but about the account information that users enter when they join the Lifeboat community. Lifeboat runs custom servers for the mobile version of Minecraft. Players can sign up there by entering an email address, password and username.
According to security researcher Troy Hunt, this data, of more than seven million members, has been stolen. He was presented with the relevant data from someone who is actively involved in trading account data. The hack allegedly took place in January and Lifeboat allegedly concealed for three months that the data was stolen, Hunt tells Motherboard.
The passwords are hashed, but that is done with the weak md5 algorithm, which makes the passwords relatively easy to retrieve. Although no other data has come out via Lifeboat, users who use the same login details on other websites or other services are at risk.
Troy Hunt is the founder of the website have i been pwned?. Here he collects information about major data breaches and by entering an email address or username, people can find out whether their information has been stolen during a hack or data breach.