Toronto-based startup Wattpad has confirmed it is investigating a massive breach of user data, following claims made by cybersecurity intelligence firms and “credible threat actors” on online forums.
When reached for comment regarding the data breach, a Wattpad spokesperson pointed BetaKit to a statement released on July 14 that noted the company is “aware of reports that some user data has been accessed without authorization.”
Wattpad stated it is “urgently working to investigate, contain, and remediate the issue,” with the assistance of external security consultants.
Wattpad stated it is “urgently working to investigate, contain, and remediate the issue.”
Cyble, a cybersecurity intelligence firm based in Georgia, noted in a July 15 post that it detected claims of a breach in the first week of July and received information of approximately 270 million user records being sold for 10 bitcoins, or approximately $100,000 at the time. Cyble noted that the data was later being offered for free.
Cyble claimed that based on assessing forum posts, the 271 million users’ records included login credentials, full names, contact numbers, and dates of birth. The cybersecurity firm noted that based on its sources and a post on an online hacking forum, it believes the breach occurred in June 2020. The firm also claims to have verified a sampling of the leaked user accounts.
BetaKit has confirmed the existence of a post from one online forum, RaidForums, which claims the Wattpad data breach contained information on “271 million users,” including password hashes for 189 million users. Re-uploads of the July 14 post in the following days claim that the data includes Facebook identifications, Tumblr passwords, and emails. The content of the post matches a redacted screenshot published by Cyble.On Monday, Wattpad updated its July 14 statement, announcing that it would be resetting passwords and is advising its users to change passwords on other sites if they used the same password.
“From our investigation, to date, we can confirm that no financial information, stories, private messages, or phone numbers were accessed during this incident,” the statement reads. “Wattpad does not process financial information through our impacted servers, and active Wattpad users’ passwords are salted and cryptographically hashed.”
Multiple Wattpad users BetaKit spoke with confirmed that they have not received communication from the company related to the breach, or the need to change their account password. Instead, they said they were notified through services such as Firefox and 1Password that their passwords may have been compromised.
Notably, while Cyble claims that more than 270 million users’ records were breached, Wattpad reported in August that it has 80 million monthly users. BetaKit has reached out to Wattpad to confirm the number of users affected. BetaKit also reached out to Wattpad to verify what information was compromised, and whether the company had reached out to those affected. A Wattpad spokesperson declined to comment on all questions, noting that the company would continue to update its online statement as its “investigation continues.”
An anonymous source speaking with tech news site BleepingComputer, which first reported the potential breach, claimed that the database was being sold by a group called “Shiny Hunters,” a hacking group that claimed in May to have almost 200 million stolen records from at least 13 companies.
Image source Wattpad.
With files from Douglas Soltys.