its use of
the OpenSSL cryptographic software left its web users vulnerable to an exploit,
so they are recommending users change their passwords (a similar recommendation
is being made for users of
). Here's word:
Two days ago a serious vulnerability
(that’s been named “Heartbleed”) in the popular cryptographic software OpenSSL
was made public. This weakness could potentially be exploited to steal
information, such as login information, that normally would be protected by
encryption. This software is used by roughly two thirds of the internet so a lot
of services were or are at risk of being affected.
What did Mojang do?
As soon as we realized the severity of the exploit we decided to shut down all
of our systems until a fix was available. This is why you were unable to log in
yesterday. We then made sure that all of our services that use SSL no longer had
this vulnerability before bringing them back online. We also updated all of our
What should I do?
Change your Mojang/Minecraft account password
Since uses of the exploit leaves no traces, there’s no way for us to guarantee
that your password hasn’t been compromised. Therefore, if you typed in your
password into any of our games or websites during the last couple of days we
strongly advice you to change it. Even if you haven’t logged in, it can still be
a good idea the to change your password. One can never be too careful on the