Wattpad

Wattpad suffers significant data leakage from its users

We recently commented on the details of the massive hack that Twitter was the victim of last week, through which a fraudulent campaign with bitcoins went viral. This week started a new scandal, this time affecting Wattpad.

Recently, a massive leak of personal data from this platform for the publication of independent texts for writers and readers was revealed, a situation that affected 271 million users, whose personal data began to be marketed on the black market.

The finding came from the hand of the cybersecurity company Cyble, who through their blog pointed out that they found in a hacker forum a database of around 120 GB of personal information of Wattpad users, published by someone who claimed having violated the database of that platform.

Initially, this file was shared for free. However, at the beginning of this month, the information in question was sold for 10 bitcoins, a figure close to $ 100,000. According to Cyble’s report, after making its finding public, the black market value of this data package was increased to such a figure as a consequence.

Post offering stolen data from Wattpad. Source: Cyble

According to the information released, it is presumed that the Wattpad database suffered an attack in June of this year, after which the aforementioned leak of 271 million user records was originated, which would contain the credentials access to Wattpad (username and password combination), full name, contact number, date of birth, Facebook ID and Tumblr password. Clearly, this is sensitive data.

After this situation was made public, the alarms went off in many of the Wattpad users, who expressed their astonishment and discomfort through social networks. To contain this commotion, the company behind this service issued a statement in which they stated that From our investigation to date, we can confirm that no financial information, stories, private messages, or phone numbers were accessed during this incident.. To this they added that Wattpad does not process financial information through our affected servers. And the passwords of active Wattpad users are processed cryptographically.

Wattpad is a leading social platform for written storytelling, founded in 2006 in Toronto, Canada. In it, fans and more skilled writers share their creations. Its content is mostly in English, but also 50 other languages ​​have their own space, highlighting a strong presence of the Spanish-speaking community.

Among the general recommendations to prevent further exposure to an event of this nature, it is recommended not to use the same password on several sites, make use of a multi-factor authentication system if possible, and periodically check if you have been the victim of a leak. on platforms such as Have I Been Pwned, Firefox Monitor or AmiBreached, which are dedicated to alerting about this type of case.

In case of being a victim of this situation or a similar one, the first recommendation is to change the compromised passwords and, where applicable, review the list of connected devices and the history of activity or transactions carried out.

For Wattpad, the investigation of this episode is still ongoing, so it is expected to know soon the official confirmation of more information related to this event and above all, the procedure with which the Canadian startup will act from now on in matters of security.