Wattpad Data Breach

  • Published: Jun 25, 2024
  • Last Updated: Jul 09, 2024

Reportedly, in the top 160 most visited websites in the world, Wattpad prides itself as the world's most loved storytelling platform. Based in Toronto, Wattpad works closely with publishing companies to identify emerging trends and promote new material. In June 2020, Wattpad suffered a data breach, exposing nearly 270 million records. The exposed records were sold for about $100,000 and later published on a public hacking forum. The precise method used to breach Wattpad's systems was not publicly disclosed. However, such incidents usually involve exploiting security vulnerabilities within a company's systems or infrastructure.

Wattpad Data Breach

Wattpad claimed it was made aware in July 2020 that some customer data may have been improperly accessed. The company said it took immediate action to remediate and contain the issue. Its investigation into the breach indicated that the following types of information were exposed: email address, date of birth, gender, IP address at sign up (if sign up was before 2017), account name and salted and cryptographically hashed passwords, third-party account IDs, and profile display name and information that were made public in the "status" and "about" fields of the profile. Since financial information was not stored on the affected system, no financial information was accessed in the breach, according to Wattpad. Story purchases on the platform, per a Wattpad statement, are processed via third-party vendors.

A notorious threat actor, ShinyHunters, claimed responsibility for the breach. However, they claim not to be responsible for the publicly released database. Although Wattpad stated it does not store passwords as plain text, several files circulated in dark web forums with about 8 million decrypted Wattpad user passwords.

When Was the Wattpad Breach?

Wattpad stated the company was only made aware of a data breach in July 2020. However, it is believed that the database was initially breached in June 2020, with personally identifiable information and user account credentials exposed. 

How to Check If Your Data Was Breached

Although Wattpad stated the company posted a statement on its Help center and Corporate Site, sent emails directly to users, and posted alerts on social media, notifications were not targeted at affected individuals. Hence, if you have an account with Wattpad at the time of the breach, it is safe to assume that your data may have been compromised. To check whether your email address was exposed to known data breaches like the Wattpad data leak, you may use the website HaveIBeenPwned.com to verify your status. 

What to Do If Your Data Was Breached

If you have not changed your password on Wattpad's website since July 2020, the company recommends that you do so immediately. Wattpad also suggests that you change your password on any accounts where you may have used the same password as the one used on its website. 

Are There Any Lawsuits Because of the Data Breach?

No, there are no known lawsuits against Wattpad for the 2020 data breach. 

Can My Wattpad Information Be Used for Identity Theft?

A cybersecurity intelligence firm, Cyble, said in a July 15, 2024, post that, when assessing forum posts, 271 million users' data, including login credentials, contact numbers, full names, and dates and births, leaked in the breach. Consequently, this leaked information can be used by nefarious actors to perpetrate identity theft. 

What Can You Do to Protect Yourself Online?

Protecting yourself online involves a combination of best practices and tools designed to safeguard your personal information and privacy. Consider taking the following steps to protect yourself online:

  • Do not share personal information, such as financial information, over the phone or by SMS or email
  • Use strong and unique passwords and enforce multi-factor authentication, such as 2FA, where possible
  • Monitor your financial transactions regularly. If you notice suspicious activity or a transaction, contact your financial institution immediately.
  • Turn on the automatic software update feature on your antivirus, operating system, and other applications that access the Internet.
  • Use a reputable anti-virus or other internet security software package on your internet-enabled devices.
  • Use the AmIBreached.com online site to verify if your data has been leaked in a breach previously.
  • Check your credit reports and consider investing in credit monitoring services.
  • Be wary of phishing emails. Do not click on links from unknown or suspicious sources.
  • Do not provide private personal or financial information to unknown requesters.

Related Articles

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that much a ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

Avoiding Scams During the 2024 Paris Olympics

Avoiding Scams During the 2024 Paris Olympics

Breakdancing is coming to the world stage while French citizens stage a creative protest with the hashtag "JeChieDansLaSeineLe23Juin.

What is a Brute Force Attack in Cybersecurity and How to Prevent it

What is a Brute Force Attack in Cybersecurity and How to Prevent it

In the world today, there is a plethora of critical data circulating the internet, leading to complex attacks like brute force attacks.

Watering Hole Attacks: What They Are and How to Prevent Them

Watering Hole Attacks: What They Are and How to Prevent Them

Hackers often lurk around the most popular websites, looking for ways to exploit users. These sites include ticket purchasing, travel, e-commerce, and banking.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close