So yesterday while I was at work, someone managed to login AS me, but my account was not compromised. They managed to OP 4 of their friends and completely ravage the server. Code (Text): 2013-09-06 14:34:01 [INFO] markkearney[/18.104.22.168:52188] logged in with entity id 2075837 at ([hub] 270.5, 254.0, -284.5) 2013-09-06 14:34:32 [INFO] fffizzz[/22.214.171.124:52272] logged in with entity id 2091857 at ([hub] 266.30706098509285, 179.66552038974027, -291.16335836038166) 2013-09-06 14:55:57 [INFO] Disconnecting fffizzz [/126.96.36.199:52478]: Invalid client reply 2013-09-06 14:56:18 [INFO] fffizzz[/188.8.131.52:52488] logged in with entity id 2227180 at ([hub] 239.30000001192093, 166.20000004768372, -313.69999998807907) 2013-09-06 15:06:28 [INFO] Disconnecting fffizzz [/184.108.40.206:52609]: Invalid client reply 2013-09-06 15:06:35 [INFO] fffizzz[/220.127.116.11:52616] logged in with entity id 2317571 at ([hub] 266.5, 72.0, -280.5) 2013-09-06 15:10:21 [INFO] fffizzz [/18.104.22.168:52684] lost connection You can see every 10 minutes the session servers (im assuming) would force disconnect this person, but they could log back in. I was not using one of the builds with the exploitable code (unless it went back further than the post said). I took some extra precautions yesterday after the event, but I still dont know how this occured and was hoping you guys had some insight into this. I was on build 1083, but read that anything below 1088 was fine.