Just last week, roughly 1,800 Minecraft usernames and passwords were leaked in what was suspected to be a hacking incident. For those who are now a little paranoid over the security of Minecraft, you can rest assured because Mojang has come forward to clarify that the incident was not so much a hack, but rather a case of phishing.For those unfamiliar, phishing is when an attacker tries to disguise themselves as a trustworthy entity in order to glean sensitive information off you. For example phishing could come in the form of emails where the sender could pretend to be from your bank and are asking you for your login details in an attempt to “verify” who you say you are.
Sometimes these emails even have links to fake websites where the details you enter are sent to the attacker, which is pretty much what happened in the case of the Minecraft username and password leak. According to Mojang’s Owen Hill, “No-one has gained access to the Mojang mainframe. Even if they did, we store your passwords in a super encrypted format. Honestly, you don’t need to panic.”
If you saw your username and password in the list, then you should probably go ahead and reset your password. For those who did not receive any of the suspicious phishing emails, you guys should be safe, although constantly updating your password is not a bad thing either.