Change Your Wishbone App Password Now
If you have ever used Wishbone social voting app, you need to change your account password immediately. Earlier this year, hackers hacked into the mobile app and stole its entire database of user information, which contained over 40 million usernames, emails, physical addresses, phone numbers and passwords. According to ZDNet , the database has recently appeared on popular hacking forums; ZDNet obtained a copy of the database and confirmed that the account information is new and not a resale of a similar Wishbone leak from 2017.
Mammoth Media, which owns Wishbone, has not made an official statement but is aware of the situation. “Data protection is of the utmost importance,” ZDNet said, adding that it “is investigating the matter and will share any significant developments.” This is better than not admitting a hack at all, but this is a serious security issue and a company must take steps to keep its users safe, such as forcing all users to change their login information.
If you have ever used Wishbone, you should immediately update your password. You should also prevent the application from accessing any linked email or social media accounts. If you’ve used the same email, username, and password combination for other apps, update those accounts as well.
While the password data cannot be immediately used by someone who buys the database, it is poorly encrypted and can be easily decoded by software freely available on the Internet. All a bored attacker needs is one password that you use for everything, and suddenly they will have access to much more data than just what’s associated with your Wishbone account.
As a general rule of thumb, make sure each password you create is unique and complex enough, and use an encrypted password manager so you don’t have to remember them all or store them in potentially insecure locations.