Credentials could be used on other online accounts
A list containing usernames and clear
text passwords for more than 1,800 accounts of open-world game
Minecraft has been dumped into the public domain.
It is
unclear how the database was compiled but it appears that some of the
users impacted are from Germany, news outlet Heise reports.
The publication also informs that the cybercriminals that made the
credentials public also posted proof that the accounts were valid.
Apart from the fact that the log-in data can be used to download a full
version of the game (priced $23 / €19.95), it also works for playing on
behalf of the rightful owner.
However, with each leak of this kind a more significant issue arises,
that of password recycling. It is a well-known fact that many users rely
on the same password to log into other online accounts.
Cybercriminals are also aware of this insecure practice and oftentimes
try the sign-in credentials found in one leak on other online accounts.
An incident of this kind has recently been recorded by airline companies
United and American, in the case of the latter no less than
10,000 customers having their loyalty accounts breached and emptied of the accumulated frequent flyer miles.
Comments
Post a Comment