Database Security Issues

Status
Not open for further replies.
MVLapps

MVLapps

Iron Miner
Hello Snapcrafters!

This week, there were many major security breaches in secure databases, compromising your Minecraft information. All of the information found has been released by an intensive hacker this week- and will be continued to be released in the near future. This all occurred from a person known by many as 'lelddos'. He has taken down many massive server centers, as well as gotten into Mojang's Password back end, and gained access to hundreds of thousands of passwords. Just last night, he released 1,800 passwords, and plans to release over 500,000 very soon.
As you can see, this is a huge, and pressing issue. With this being said, I advise ALL players to change their Minecraft passwords so your account cannot be compromised when he releases this information.

Below I have posted a link to his twitter account, where he released the first 1,800 passwords, and plans to release more. Please refer to the document where he listed the information, to make sure you and your friends are not on the list.
Twitter.com/lelddos


I hope that this is informative to the community, and finds you all well. But please, do not show this hacker support in any way.

-MVLapps
 
UnionjackMC

UnionjackMC

Gold Miner
I knew about this because my friend in real life is a major hacker and lelddos is a god to him, so he was telling me all about how this guy did this and he said it like it was a good thing...
 
Athish

Athish

Gold Miner
Trial said:
You seem to be taking this very lightly when I can literally see 20 million users screaming for their accounts... I better change it after school!
Click to expand...
Nah, i panicked, then I changed it, then i felt cool again #iDidThat
 
OP
OP
MVLapps

MVLapps

Iron Miner
I'm glad you all found this helpful. Let's try to inform more of the community of this issue so nobody is compromised during this event.

In reply to @YAMPY it is just your Minecraft password that may have been compromised.
 
LegalSense

LegalSense

Void Walker
This is actually kind of funny Since MinePlex was one of the servers that were affected, they seem to take it as a joke and blame 'squirrel' attacks. (http://www.mineplex.com/forums/m/11929946/viewthread/13115673-get-rid-squirrels-post-to-assist/post/)

Not sure if that counts as 'advertising' but it really is hilarious to watch MinePlex trying make up simpleminded excuses. Which is one of the many reasons why they won't admit to their users that they are being attacked.. But this did happen Monday, and they're up now.

The other funny thing is the tweets 'lelddos' has been posting. I really have no words for these tweets... This guy is too funny..

http://snapcr.net/c/7cbe.png

This one seems legit...- http://snapcr.net/c/bb02.png


Anyways, thanks for the news though! I changed my pass and I'm hoping I'm safe... Hope everyone else does the same!
 
LegalSense

LegalSense

Void Walker
By the way, those accounts he supposedly 'exposed' don't work. The "hacker" is just seeking attention. He has done nothing. Marc_IRL has confirmed on Twitter that no accounts have been affected, even in his supposed "account list". He just used the time to bring servers down and 'confiscate' them you can say. No 'real' accounts have been exposed, but it is advised to change your passwords just in case.

He stopped his attacks when the servers that were attacked got protection. It just made him look pathetic. He used his attack as a way to grab attention to people just to get twitter followers.. Though, I could be wrong. There have been numberous complains peoples accounts have been hacked. But honestly, he made himself look pathetic.
 
Last edited:
Epicme772

Epicme772

Obsidian Miner
Trial said:
By the way, those accounts he supposedly 'exposed' don't work. The "hacker" is just seeking attention. He has done nothing. Marc_IRL has confirmed on Twitter that no accounts have been affected, even in his supposed "account list". He just used the time to bring servers down and 'confiscate' them you can say. No 'real' accounts have been exposed, but it is advised to change your passwords just in case.

He stopped his attacks when the servers that were attacked got protection. It just made him look pathetic. He used his attack as a way to grab attention to people just to get twitter followers.. Though, I could be wrong. There have been numberous complains peoples accounts have been hacked. But honestly, he made himself look pathetic.
Click to expand...

Really? That's a relief XD

So... all of the accounts are fake i presume? (Or hope)
 
LegalSense

LegalSense

Void Walker
Epicme772 said:
Really? That's a relief XD

So... all of the accounts are fake i presume?
Click to expand...
Possibly, some people say they are on the list. But, yeah, most of the accounts are fake. He's just using it to scare people. He was using the time the servers went down (The ones he affected) to make us believe he will actually do it. Though, Like I said, he might have done it.

You can test the accounts if you want.
 
Epicme772

Epicme772

Obsidian Miner
Trial said:
Possibly, some people say they are on the list. But, yeah, most of the accounts are fake. He's just using it to scare people. He was using the time the servers went down (The ones he affected) to make us believe he will actually do it. Though, Like I said, he might have done it.

You can test the accounts if you want.
Click to expand...

Well, at least there's some hope that he didn't do such a large scale attack like that... And also i would think there would be mojang accounts and email addresses instead of just usernames
 
LegalSense

LegalSense

Void Walker
Epicme772 said:
Well, at least there's some hope that he didn't do such a large scale attack like that... And also i would think there would be mojang accounts and email addresses instead of just usernames
Click to expand...
They're usernames I think.. You can't use IGN's as usernames anymore unless you had the 1.5 or 1.6 launcher before. (Can't remember which version.) We have to use email adresses to log in now, so if they were usernames, they'd be useless. Unless you can decrypt usernames and find their e-mail addresses linked to their mojang account.
 
Status
Not open for further replies.
Top