Lifeboat Network compromised in early January, but didn’t tell users

Minecraft Pocket Edition server provider hacked: 7m accounts breached

A private server provider for the mobile version of Minecraft has admitted that more than seven million account details were stolen in January.

Lifeboat Network requires users to sign up with an email address and password before they use its servers on Minecraft Pocket Edition.

Security researcher Troy Hunt told Motherboard that the company’s data was breached back in January, exposing millions of users’ information – but stated that the firm failed to notify any users of the attack.

“When this happened [in] early January we figured the best thing for our players was to quietly force a password reset without letting the hackers know they had limited time to act,” a representative for Lifeboat explained.

“We did this over a period of some weeks. We retain no personal information (name, address, age) about our players, so none was leaked. We have not received any reports of anyone being damaged by this.”

However, Hunt said that the passwords accessed by the hackers were only encrypted using MD5 hashing, allowing him to decode them using easily available online tools.

Lifeboat said that it had implemented a stronger algorithm in response to the situation.

About MCV Staff

Check Also

Comment: Evolution of games – Are you ready for what’s coming next?

The evolution of video games technology has continually foreshadowed evolution of mass media and we’re now on the cusp of another leap forward - except this time change will be driven by software and creators, rather than hardware…