SpiceMC

In January 2021 the SpiceMC Minecraft server experienced a significant data security incident. An unauthorized party gained access to the user database containing information for approximately 460000 players. The breach exposed sensitive details including player nicknames associated with their connection history. Crucially the leak included IP addresses and passwords stored as AuthMe hashes. This type of incident often results from misconfigured server plugins or vulnerabilities in the authentication system allowing attackers to dump the backend database. The exposure of these credentials puts users at risk of credential stuffing attacks on other platforms if they reuse the same passwords.