If you happen to receive emails from Mojang that "You've requested to change the secret questions" than your account is at risk, and the password is compromised. The emails looks like the following:
It happened to me, even though I use a unique password for every single account. The security breach won't go further than possibly having access to the account for like a few hours. The password has been changed to something unique again, but personally I feel it's very weird on how they 'guessed' it. I use top of the line antivirus and am very web-aware, so I'm more thinking that it somehow got leaked or intercepted. Then again, I was negligent into changing the password, as it remained the same for two years. A very bad practice to have a password remain unchanged for so long.
It happened to me, even though I use a unique password for every single account. The security breach won't go further than possibly having access to the account for like a few hours. The password has been changed to something unique again, but personally I feel it's very weird on how they 'guessed' it. I use top of the line antivirus and am very web-aware, so I'm more thinking that it somehow got leaked or intercepted. Then again, I was negligent into changing the password, as it remained the same for two years. A very bad practice to have a password remain unchanged for so long.
