Microsoft appears to be a frequent target for attackers lately. The company’s Xbox Live service was attacked last month, resulting in an outage for gamers on Christmas. And now, some login credentials of the recently-acquired Mojang’s Minecraft — the company which was acquired by Microsoft for a whopping $2.5 billion — were leaked online in plain text format, yes, both usernames and passwords of users of the game.
According to a German publication, over 1,800 usernames and passwords of Minecraft users were posted on Pastebin in plain text format, allowing other users to login with the credentials, and install the full version of the game. However, it’s still unclear on how the information was obtained. It could be worse for those users who are using the same password on multiple services, such as their social media accounts, PayPal, or their email addresses.
On one side, 1,800 may appear to be a small proportion of Minecraft users — which is in millions if we combine the user base on all platforms. Nonetheless, it’s still worrying as we don’t know if any other usernames and passwords were accessed too — the ones not leaked yet. Plus, there’s no mention about any such hack on the Mojang’s website or Microsoft, but if it has happened, now might be a good time for both companies to shed some light on the breach, and guide the users.
In case you’re worried, you should change your password to Minecraft right away, the company already has a guide on how to choose a strong password in their help section — it’s better to be safe then sorry. And remember, never to use the same password for important services such as you bank accounts, PayPal and other services, and enable two-step authentication whenever possible.
We’ll update you if Microsoft or Mojang release a statement about the breach.