Should I change my password?

Yes, especially if you have reused the exposed password on other platforms.

Are MD5-hashed passwords secure?

No, MD5 is considered outdated and insecure for password hashing due to vulnerabilities to brute-force attacks.

What is Wishbone's mobile app about?

Wishbone allows users to make comparisons between two options, often as a form of social polling.

How can I enhance my account security?

Use unique passwords, activate multi-factor authentication, and regularly monitor your accounts for suspicious activity.

Back to Radar

Wishbone (2020)

High

The Wishbone app breach exposed 9.7M user records, including personal data and MD5-hashed passwords.

Records exposed: 9,705,172 records
Breach date: Breach Jan 27, 2020
Last update: Updated May 28, 2020

Source

What data was exposed?

Fields reported as compromised in this breach record.

Auth tokensDates of birthEmail addressesGendersGeographic locationsIP addressesNamesPasswordsPhone numbersProfile photosSocial media profilesUsernames

Why does this breach matter?

In-depth analysis of the breach and its implications.

In January 2020, the mobile application Wishbone experienced a significant data breach that compromised over 9.7 million user records. Exposed information included email addresses, names, phone numbers, geographic locations, and other personal attributes. Passwords stored as unsalted MD5 hashes were included, significantly increasing security risks for affected users.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact: Compromised sensitive user information may lead to phishing, identity theft, or account takeovers.
Business Impact: Loss of user trust, potential regulatory consequences, and strained consumer relationships.
Affected Sectors: Social Media
Technology
Mobile Applications
Geographic Impact: Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

•Change your password on all accounts using the same credentials.
•Monitor your accounts for unusual activity.
•Beware of phishing attempts targeting exposed information.

Preventive Measures

•Use strong, unique passwords for each account.
•Enable multi-factor authentication when available.
•Educate users about recognizing phishing attempts.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Personal data including email addresses, names, MD5-hashed passwords, phone numbers, and geographic locations were compromised.

Attribution

Additional attribution provided with the breach record.

All3in

Wishbone (2020)

What data was exposed?

Why does this breach matter?

Impact Analysis

What You Should Do

If You Were Affected

Preventive Measures

Frequently Asked Questions

Attribution

Community

Resources

Product

Legal

Wishbone (2020)

What data was exposed?

Why does this breach matter?

Impact Analysis

What You Should Do

If You Were Affected

Preventive Measures

Frequently Asked Questions

What type of data was exposed?

Should I change my password?

Are MD5-hashed passwords secure?

What is Wishbone's mobile app about?

How can I enhance my account security?

Attribution