Cyber Incident Victim: Minecraft Pocket Edition forum

In May 2015, the Minecraft Pocket Edition forum (minecraftpeforum.net) experienced a security breach after its domain expired. Prior to expiration, attackers compromised the forum’s database, extracting 16,125 records containing sensitive user information. The breach was publicly disclosed by an individual using the alias @rmsg0d, identified as a member of the hacking group TeaMp0isoN, who released the database dump on an unspecified platform. The exposed data included user IDs, usernames, hashed passwords with corresponding cryptographic salts, login keys, email addresses, and forum participation metadata. Some records additionally contained optional birthdate information voluntarily provided by users during registration. Analysis by DataBreaches.net indicated the dump represented 16,037 unique user accounts, suggesting duplicate or inactive entries were present in the original dataset. The compromised domain remained inactive at the time of disclosure, preventing direct notification to affected users or forum administrators.

The breach exposed forum participants to credential reuse attacks, phishing attempts, and potential identity theft due to the combination of email addresses, birthdates, and authentication credentials. DataBreaches.net confirmed the data had not previously appeared in Google-indexed breach repositories, indicating this was likely the first public exposure of the compromised information. No remediation efforts by forum operators were documented, as the domain’s expiration and inactivity precluded confirmation of the breach or coordinated response. Users seeking to verify their exposure were directed to the third-party data dump location referenced in @rmsg0d’s disclosure, though the article noted uncertainty regarding the attacker’s choice of hosting platform. The incident highlighted risks associated with discontinued online services retaining active user databases without operational oversight.