Minecraft wasn't hacked, but users may have been hit by malware
Despite email addresses and passwords being leaked, the company said it was not attacked by hackers
Microsoft-owned online game Minecraft wasn't hacked, the software giant has insisted, but users' email addresses and passwords may have been compromised via phishing and malware attacks.
The firm was forced to rebuff claims made by a German news outlet that Minecraft, which it acquired in Sepetember 2014, had been hacked after 1,800 of its usernames and passwords were published online.
With access to these details, security experts warned criminals could break into accounts, change settings and buy virtual items.
However, the company has denied the service was compromised, the passwords of the affected users were reset straight after the leak came to light.
A Microsoft spokesperson said: "We can confirm that no Mojang.net service was compromised and that normal industry procedures for dealing with situations like this were put in place to reset passwords for the small number of affected accounts.
"When we discover lists of gamertags, usernames and passwords posted online, we take immediate action to protect our customers by reviewing valid credentials and resetting account access when necessary."
Minecraft, which became part of Microsoft when the computer manufacturer bought parent company Mojang in November, has over 100 million users on PCs and tens of millions on game consoles.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The game invites users to build their own virtual worlds and explore other imaginary places on mobile devices, computers, and game consoles. The mobile edition has been downloaded 30 million times, making it one of the world's most popular games.
Independent security researcher Graham Cluely advised that, even if you change your password, there's a risk criminals can use information taken from the service for other purposes.
He wrote on his blog: "Even if you aren't worried about a stranger accessing your Minecraft account, you should be aware of the dangers that once criminals know you play Minecraft and have your email address they could easily spam out attacks which use social engineering to trick you into clicking on dangerous links or open malicious attachments."
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.