MY CABBAGES!!!
Anyone get that reference? no? alright, i leave now.
Thought I would give you all an update about what happened.
Recently an exploit in Minecraft was found allowing people to log on as any user. This affected all servers (Bukkit/Spigot/Vanilla). This exploit usually has a 1% success rate, but was widely publicized when a change to the Spigot code increased the success rate to 10%.
Four players came onto our server and started logging on as our staff members. They started with ItalianChild, Shadowmeire, Ninjamonk, but each time they realised that they could not OP themselves with the staff accounts. Finally they asked our players who the owners were and managed to log in as Kyle and Andy, making themselves OP.
They then went on a world edit spree, changing over 6.5 million blocks before one of the staff managed to shut down the server, not before they decided to delete our lobby map.
Thanks to our staff, all the block changes have been rolled back and I have restored to lobby so that there have been no loss of blocks. The server has been patched and the players have been banned and IP banned.
Thank you to everyone who helped out, and I’m sorry to those who were banned in the cross-fire by the hackers.
To protect from future exploits, our server will begin to move towards two factor authentication for SOPs and Admins. This will not affect other staff or players.
Sounds like a plan. Glad i shut her off before more damage was done.
They had our server at 89% when i decided it was best to do that.
Glad all this is over. Thank’s Spec for helping me. :3
Very interesting! Glad it was resolved, good work. 
Question, was no one suspicious when they hacked those operator accounts and asked who the owner was?
Sword, so many people ask who the owners are everyday…
And i believe it said Shadowmeire joined the game or something to that effect, so they maybe didn’t notice? and if they did, how would they say anything? they did what they could and got on the forum.
even me dont know the owner i always taught it was andy_
how u even can get hacked with your personel question on your account?
It’s not a password issue Chris. Andy and Spec both own the server.
Kyle, the good news is neither of us were hacked =3
Not password hacked, but my account was one of those used.