Wishbone (2020)

What Happened

In January 2020, the mobile app to "compare anything" Wishbone suffered another data breach which followed their breach from 2016. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Passwords stored as unsalted MD5 hashes were also included in the breach. The data was provided to HIBP by a source who requested it be attributed to "All3in".

Compromised Data

Auth tokens
Dates of birth
Email addresses
Genders
Geographic locations
IP addresses
Names
Passwords
Phone numbers
Profile photos
Social media profiles
Usernames

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    9.7 million

  • Breach Occurred:

    January 2020

  • Added to HIBP:

    28 May 2020

Recommended Actions

Change Your Password

If you haven't changed your Wishbone (2020) password since 2020, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password