According to Heise online, a German IT news site, more than 1800 account information (email and password) of Minecraft players has been released on the net, giving potentially the possibility to anyone that can get their hands on the pastebin the chance to log in the player's worlds and cause mayhem in it as long with, probably more worrysome, other security risks.
Heise reports that they proceeded to test a sample of said accounts to verify the validity of the leak and they were all legit. For obvious security reasons, the URL of the pastebin has not been made public. This is a screenshot of said list with all the sensitive information blurred out.
[caption id="attachment_27011" align="aligncenter" width="290"] Source: hotforsecurity.com[/caption]
Most of the accounts appear to be of German players. At the moment it is not known how the malicious individuals that released the accounts acquired the information in the first place. Given the (relatively) minute amount of accounts affected, a security breach in Minecraft servers is not likely. The most probable way they may have got hold of the password is through phishing attempts or malware. This is, of course, taking for granted that these that have been leaked are all the accounts in possession of the hackers. Minecraft counts more than 100 million subscribers so a massive release of personal information from their database could be very dangerous.
The damage that the people using the leaked information could do is not limited to the Minecraft world, and could go much further than allowing some people to snag a free copy of the game. Many people have the risky habit of using the same password for many services. including email, facebook accounts, or paypal accounts. If that's the case, a person that knows your email and password, could use your email address to send spam emails, or enter your paypal or social media account to do real damage.
If you're a Minecraft player (and chances are that you are), we advice you to change your passwords just in case. And please, don't use "password" or "123456". Those don't even need to be hacked.
How secure is your password? Do you think that a security breach is likely to be happened? Let us know in the comments.