Has there been an official response to this? I see it was forwarded but no response? Is this a sign of security issue and bad code being injected (unlikely) or bad Quality control (most likely)? If you don't catch something like this what are your coding practices... I understand users are beta testers these days, and I'm okay with it. But Quality Control and following standards like OWASP and other best practices don't change. Just ask CrowdStrike, SolarWinds, Microsoft, and many other companies that have caused issues for their customers and sometimes even more than that.
Yeah a bit of a paranoid response, but SolarWinds thought the same thing as I'm sure did Minecraft.
Not that it matters, but having to post on the forum to get any kind of re-assurance your not hacked is silly.