More than 1,800 Minecraft login details have been leaked online, German news site Heise.de has revealed.
Email addresses and passwords – predominantly of German gamers – were released online in plain text format, allowing those who had not bought the game to download it for themselves using the stolen login data. However, as The Guardian notes, “the more serious implication would be for any players who had used the same email address and password combination for other online services, from shopping and banking to email and social networking.”
Although 1,800 is a tiny fraction of the total Minecraft population worldwide, with the PC version having more than 100 million registered players, it’s possible that the attacker may have only published a small quantity of usernames and passwords to prove the validity. As Expert Reviews points out, hackers often take this approach in order “to extort money from companies by threatening to release compromised account/password details.”
It is not yet clear whether the leak of logins is evidence of a wider breach in the Minecraft world, or if these accounts have been compromised by more conventional phishing scams. At the time of writing, there is no mention of the leak on the Minecraft website, and there is no evidence of a wider leak in Microsoft’s systems.
A phishing scam is definitely possible though, as Expert Reviews explains: “A large part of the Minecraft audience is children, who are more susceptible to phishing attacks and other techniques used to steal account details.”
Minecraft was purchased by Microsoft last year for $2.5 billion, as a game that has taken the world by storm across multiple platforms. According to Minecraft’s official stats, over 12,000 PC copies have been purchased in the last 24 hours alone.