
SecurityWeek


7 Million Impacted by Lifeboat Minecraft Community Breach

The accounts of more than 7 million members of the Minecraft community “Lifeboat” have been exposed after a data breach in early 2016.


On Tuesday, security researcher Troy Hunt revealed on Twitter that the millions of accounts were exposed in January, and that he was uploading the data to his website so that users could check whether they were exposed in the breach. As usual, the data on his website comes from website breaches that have been made publicly available.

According to another tweet from the researcher, the data leak included email addresses and weakly hashed passwords, meaning that attackers could crack them rather easily. This also means that users who might have been reusing the same password for other accounts could risk further compromise.

The Lifeboat community hosts custom, multiplayer environments of the mobile version of Minecraft, allowing users to engage in new game mods. The Lifeboat systems only keep usernames, hashed passwords and email addresses, which means that no other user data could have leaked following the breach.

What’s interesting, however, is that Lifeboat appears not to have informed users of the breach, and that it did not publicly prompt any password resets. However, Lifeboat reportedly confirmed that it has been aware of the issue since January, while also suggesting that it quietly prompted password resets so that hackers would not be aware of it.

Moreover, a Lifeboat representative said that they haven’t received reports that people were harmed by the data breach. However, security researchers suggest that the data might be searchable online, meaning that at least accounts with weak passwords might be at risk.

Grayson Milbourne, the senior intelligence director at Webroot, told SecurityWeek in an email that the attack shows once again why people should use different passwords for different accounts. He also mentions the fact that Lifeboat themselves tell users to go for short passwords, albeit difficult to guess ones.

“More than likely this was an attack on LifeBoat’s servers which provided access to users’ account information. Lifeboat’s setup guide for Minecraft states the following when selecting a password – ‘we recommend short, but difficult to guess passwords. This is not online banking’,” Milbourne told SecurityWeek.

“Since Lifeboat only keeps usernames, hashed passwords and email addresses, the amount of data collected is rather limited. Passwords were hashed, but with an easily crackable MD5 hash. This is yet another example of why it is important to use different passwords for different sites. Failing to do so can lead to further account compromise when one is breached. If unique passwords are too much effort, I recommend making sure your primary email uses a unique password from all other online accounts,” he added.
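For operators of a credential store that still holds MD5 password hashes of the kind described above, the following added example (not from the article or from Lifeboat) shows an upgrade-on-login migration to salted scrypt. The record format, function names and cost parameters are assumptions, and the legacy scheme is modelled as a plain unsalted MD5 digest, which the article does not specify.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters for this example; tune for your hardware.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def legacy_md5(password: str) -> str:
    """Legacy record: fast, unsalted MD5 (assumed format 'md5$<hex>')."""
    return "md5$" + hashlib.md5(password.encode()).hexdigest()

def scrypt_record(password: str, salt: bytes = b"") -> str:
    """New record: per-user random salt plus a memory-hard KDF."""
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return f"scrypt${salt.hex()}${dk.hex()}"

def verify(password: str, record: str) -> bool:
    scheme, _, rest = record.partition("$")
    if scheme == "md5":
        return hmac.compare_digest(legacy_md5(password), record)
    if scheme == "scrypt":
        salt_hex = rest.partition("$")[0]
        expected = scrypt_record(password, bytes.fromhex(salt_hex))
        return hmac.compare_digest(expected, record)
    return False  # unknown scheme: fail closed

def login(db: dict, user: str, password: str) -> bool:
    record = db.get(user)
    if record is None or not verify(password, record):
        return False
    if record.startswith("md5$"):
        # The plaintext is only available now, so re-hash on successful login.
        db[user] = scrypt_record(password)
    return True

def unmigrated(db: dict) -> list:
    """Accounts still on MD5: candidates for a forced password reset."""
    return sorted(u for u, r in db.items() if r.startswith("md5$"))

if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    db = {"alice": legacy_md5("creeper123"), "bob": legacy_md5("creeper123")}
    print("identical MD5 records:", db["alice"] == db["bob"])
    login(db, "alice", "creeper123")
    print("still on MD5:", unmigrated(db))
```

Accounts that never log in again stay on the legacy hash, so the `unmigrated` list is what a forced reset should target.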

We have contacted Hydreon Corporation (Lifeboat Network is a registered trademark of Hydreon) for a comment on the breach and we will update the article as soon as a reply arrives.
