Fan sites and generally anything online getting hacked isn’t always news, even when it is video gaming related. However, when they are big in terms of accounts affected, like the Playstation hacks, it tends to get noticed. So far Minecraft on any platform has managed to stay fairly secure but unfortunately that isn’t the case anymore as a major fan site for Minecraft: Pocket Edition, called Lifeboat, was hacked.
Lifeboat is a big fan site for the portable version of Minecraft, boasting over 7 million accounts and mainly focusing on Minecraft: Pocket Edition. The site even offers paid VIP status to help support it. The security breach has apparently affected all of those accounts, with all of the information and sensitive data from the 7+ million accounts having been extracted, according to online security expert Troy Hunt. This breach actually happened back in January 2016, but for some reason, whether it is still under investigation or from some other reason, this wasn’t reported until now publicly.
Example of game type at Lifeboat
If you play the desktop version of Minecraft, this does not affect anything regarding your information. This was solely targeted at Minecraft: Pocket Edition, which makes us wonder what the actual goal of this breach was. Regardless, if you’re thinking you were affected by this breach, you should be able to check for your email address over on HaveIBeenPwned.com which will show you if your address was part of said breach. Keep an eye out there over the next couple of days to see if it shows up.
If you haven’t changed your password yet on Lifeboat, you should probably get to it. Interestingly enough, the staff behind the site hasn’t even made an announcement about the breach publicly yet, although everyone was sent out a notice to change passwords recently. Depending on what sort of information you used in your account, there is a possibility that whoever ends up with your information could write a script of some kind to use those credentials on more sensitive sites like your email, your bank account, or your social media accounts. You may want to keep an eye out for any activity on any other account that may seem out of place.
Here’s what Lifeboat had to say about the breach:
When this happened [in] early January we figured the best thing for our players was to quietly force a password reset without letting the hackers know they had limited time to act. We did this over a period of some weeks. We retain no personal information (name, address, age) about our players, so none was leaked. We have not received any reports of anyone being damaged by this. – Lifeboat Rep
The main problem here, besides the breach of course, is the lack of disclosure by Lifeboat. Not a word even in their blog about this. If this news hadn’t of come out from Vice, no one would even know that this had happened to their accounts over there. No matter what the reason, users should always be informed of these types of things.