Lifeboat Network compromised in early January, but didn’t tell users

Minecraft Pocket Edition server provider hacked: 7m accounts breached

A private server provider for the mobile version of Minecraft has admitted that more than seven million account details were stolen in January.

Lifeboat Network requires users to sign up with an email address and password before they use its servers on Minecraft Pocket Edition.

Security researcher Troy Hunt told Motherboard that the company’s data was breached back in January, exposing millions of users’ information – but stated that the firm failed to notify any users of the attack.

“When this happened [in] early January we figured the best thing for our players was to quietly force a password reset without letting the hackers know they had limited time to act,” a representative for Lifeboat explained.

“We did this over a period of some weeks. We retain no personal information (name, address, age) about our players, so none was leaked. We have not received any reports of anyone being damaged by this.”

However, Hunt said that the passwords accessed by the hackers were only encrypted using MD5 hashing, allowing him to decode them using easily available online tools.

Lifeboat said that it had implemented a stronger algorithm in response to the situation.

About MCV Staff

Check Also

Industry Voices: What happens now that the NFT bubble has burst?

Giovanni Petrantoni, CEO and Founder at Fragnova, talks about the blockchain and its place in the games industry