Hacks hit the headlines every day – whether that’s someone compromising the security of SWIFT and stealing over $80m or BeautifulPeople.com’s member info being leaked online or the Ashley Madison hack, or…well, you get the picture.
Knowing that your data could end up in the hands of ‘the bad guys’ is troubling enough, but at least when you’re told about it, you have the opportunity to take some basic security measures – like changing the password of any other services that you’ve foolishly set to the same answer.
However, if you weren’t ever told that your data had been taken, you wouldn’t be able to take those precautions, which is the situation that more than 7 million users of the Lifeboat Minecraft: Pocket Edition server found themselves in, according to Motherboard.
Several people contacted by the organization say that they were never told about the potential for their passwords being misused. Indeed, a statement supplied on the hack suggests that it was entirely deliberate to not inform users.
When this happened [in] early January we figured the best thing for our players was to quietly force a password reset without letting the hackers know they had limited time to act. We did this over a period of some weeks.
Lifeboat added that no personal information was leaked, as it holds none.
While there’s an argument that the company was looking to act in the best interests of users by quietly resetting the security information, being truly transparent, forcing a password reset sooner and holding your hands up to the blame is the only real way to move forward and rebuild trust.
Now, go and change your passwords everywhere.