Crooks post proof that accounts are valid

Jan 19, 2015 16:30 GMT  ·  By

A list containing usernames and clear text passwords for more than 1,800 accounts of open-world game Minecraft has been dumped into the public domain.

It is unclear how the database was compiled but it appears that some of the users impacted are from Germany, news outlet Heise reports.

The publication also informs that the cybercriminals that made the credentials public also posted proof that the accounts were valid.

Apart from the fact that the log-in data can be used to download a full version of the game (priced $23 / €19.95), it also works for playing on behalf of the rightful owner.

However, with each leak of this kind a more significant issue arises, that of password recycling. It is a well-known fact that many users rely on the same password to log into other online accounts.

Cybercriminals are also aware of this insecure practice and oftentimes try the sign-in credentials found in one leak on other online accounts.

An incident of this kind has recently been recorded by airline companies United and American, in the case of the latter no less than 10,000 customers having their loyalty accounts breached and emptied of the accumulated frequent flyer miles.