Wishbone app hack exposes data of 40 million users

Shiny Hunder offer stolen data for free on infamous hacker forum

binary on a screen with words 'hacking attack'

Hackers have leaked 40 million Wishbone app users’ data, including usernames, email addresses, hashed MD5 passwords, mobile phone numbers, Facebook and Twitter access tokens, dates of birth, profile images and much more.

The hackers initially listed the data for 0.85 bitcoin ($8,000) on the dark web but later offered it for free. 

The Wishbone database began circulating in March, according to Bleeping Computer, and was only listed for sale yesterday on an infamous. The nefarious Shiny Hunters group has taken credit for the hack.

Though Wishbone has yet to confirm the hack, Bleeping Computer independently verified the accuracy of much of the exposed data.

Wishbone users should immediately change their passwords on the app to avoid any issues. Users should also consider disconnecting Wishbone from their Facebook and Twitter accounts until it confirms the data breach and has taken action to remedy it.

Wishbone isn’t the first to be targeted by Shiny Hunters this month. Just a few weeks ago, the group compromised 73.2 million user records from over 11 companies across the globe.

The Shiny Hunters group is also responsible for the recent Tokopedia data breach that exposed 91 million user records.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

Improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Iranian hackers ramp up attacks against IT services sector
hacking

Iranian hackers ramp up attacks against IT services sector

19 Nov 2021
TikTok phishing campaign tried to scam over 125 influencer accounts
social media

TikTok phishing campaign tried to scam over 125 influencer accounts

18 Nov 2021
Alibaba ECS instances targeted in new cryptojacking campaign
cryptocurrencies

Alibaba ECS instances targeted in new cryptojacking campaign

16 Nov 2021

Most Popular

Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022