Sooo, Some people just logged onto my server with my UUID and OP'd themselves Code (Text): [18:32:15] [Thread-960/INFO]: UUID of player Letigo is 99de5dde-39ef-46b0-ae40-8b259cc9af0d [18:32:15] [Server thread/INFO]: [Essentials] Found new UUID for Letigo. Replacing 5fdcd6ff-5b85-4acc-ab6b-b5e9863fa24b with 99de5dde-39ef-46b0-ae40-8b259cc9af0d [18:32:15] [Server thread/INFO]: Letigo[/18.104.22.168:54453] logged in with entity id 20038895 at ([prison]-772.9490779307206, 71.0, 51.44783188955688) [18:32:15] [Craft Scheduler Thread - 1463/INFO]: [GAListener] Player: Letigo has 0 votes [18:32:15] [Craft Scheduler Thread - 1467/INFO]: [BanManager] Requesting name for 5fdcd6ff-5b85-4acc-ab6b-b5e9863fa24b [18:32:24] [Server thread/INFO]: Letigo issued server command: /pl The second UUID is mine. They op'd a couple accounts. Using spigot essentials. Spigot version git-870264a-0a645a2 http://mcuuid.net/?q=5fdcd6ff-5b85-4acc-ab6b-b5e9863fa24b replaced with http://mcuuid.net/?q=99de5dde-39ef-46b0-ae40-8b259cc9af0d BanManager still requested the proper UUID. The hackers accounts all trace to ReliableSite if that's of any relevance ( http://www.ip-tracker.org/locator/ip-lookup.php?ip=22.214.171.124 ) This is a MASSIVE issue. It could be an Essentials issue since Ban Manager requested the proper UUID. @md_5 @Thinkofdeath security loophole? And as for the people that did it, they advertised IPs, http://www.blizzardprison.com/index.php Most of the admins from here were also opped.