Dark web listings show a massive LiteBans dump with usernames, IP addresses, and password hashes now circulating, raising immediate risks of doxxing, account theft, and targeted harassment for players.
The Minecraft multiplayer world is dealing with another serious security incident after reports emerged of a large scale data leak from Meloncraft. According to breach monitoring outlets the database first surfaced in dark web marketplaces and quickly drew attention for its size and content.
Meloncraft relied on the widely used LiteBans plugin to handle player punishments such as bans and mutes. The leaked dataset is believed to be an export from that system and includes not just punishment logs but direct player identifiers.
What Exactly Was Leaked
- 663726 total records
- Player usernames
- IP addresses
- Password hashes compatible with AuthMe authentication
- Associated ban mute and warning data
Security analysts warn that the IP data opens the door to doxxing swatting and DDoS attacks while the password hashes could be cracked especially for users with simpler credentials. Many players use the same login details across multiple Minecraft servers and even outside the game increasing the potential fallout.
The breach is still fresh with listings referencing activity in 2026 and samples shared as proof. Threat actors appear to have targeted the backend database directly. At the time of reporting no public statement or patch details have come from the Meloncraft operators leaving the community to navigate the risks on their own.
This incident adds to a pattern of server side vulnerabilities that keep resurfacing in the Minecraft ecosystem. While official Mojang products benefit from tighter controls third party servers and plugins remain prime targets. Players and server owners alike may want to treat this as a wake up call for better data hygiene.
Other
