Usually a hash (like MD5 or BCrypt), though older or poorly secured servers might have leaked plaintext. ip_address : Used for tracking or banning players.
Often the primary target for attackers looking to perform credential stuffing on other platforms. Related "Horror Stories" in SQL Management mineleaks_users.sql
A developer once accidentally ran a .sql script meant for a staging environment on production, executing a DELETE query that wiped all real user data because it lacked a proper WHERE clause. Usually a hash (like MD5 or BCrypt), though
One company lost six months of critical data because the DBAs set up backups but had their access revoked by a "Systems Team" who didn't realize the jobs were failing until an audit occurred. mineleaks_users.sql