Mojang Security News: April 8, 2014

[Pixelatorx2]

I believe your only course of action would be to contact Mojang's support network. If you can confirm that you are the owner of the account, then they should be able to manually change any information you request.

omg NO the email I need to verify with is unobtainable since we changed email... please someone help! Is there anyway I can change the email?

same problem.

TotallyIsSimo and norverified I too had the same problem. Fill out This form, Mojang will contact you from there (Make sure you have ALL the correct information! Tip: When filling out the message section, provide as much detail as possible. Try and give things like the time of day you purchased your account, the purchase ID, date of purchase etc.)

Good luck!

 

[¡Sam!]

Thank you very much, wouldn't have found out otherwise!

 

[Ali]

Good thing I haven't played today oryesterday

 

[Jon | Lqzer]

Well, I doubt any minecraft accounts will be threatened to get stolen (besides big names like CaptainSparklez).

The thing with Heartbleed is that it's mostly focused on bank accounts, BTC, and PayPal.

I wouldn't be too worried if you're just an average user, however if you have a very high profile bank account with a handsome amount of wealth in it, I would change your passwords.

It also focuses on messages sent in the deep web. Business information and critical government information. The crime of stealing documents about tesla production.. god I wonder how fast you'd be put on death row.

Another thing to keep note of, this heartbleed bug has been around for a while, and it just got fixed yesterday. However, keep in mind some web services can still be using an old version of OpenSSL... I'd recommend you keep a different password for different services. Rest assured, most surface web services should be upgraded.

Col_StaR
http://www.minecraftsurvivalgames.com/threads/minecon-cape-fraud.96150/

 

[Zado]

Lets hope for the best. Cant acess my computer atm and just saw this.

 

[SC_Swag]

Can they only access certain accounts or???

 

[TheManWithFire]

Do i need to change ?

Can't remember my password -_-

 

[Ava]

The exploit isn't really Mojang's fault this time around, as it was an exploit in the OpenSSL library that about 66% of the Internet uses. None of our systems were affected.

 

[SpaghettiSquid]

None of our systems were affected.

Yeah that's because you don't have any form of encryption and transmit usernames and passwords in plain text for anyone to intercept! Your users are constantly vulnerable if logging in from a public/unsecured wifi network.

Though who would really take the time to mess around with your MCSG account, when they're snooping for banking passwords and whatnot, but still.

Edit: Albeit lots of people use the same password on many if not all the websites they use. Meaning that Googles encryption is pointless if a user here uses the same password in both places.