Wongnai Data Breach

What Happened

In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some time during 2020 along with names, phone numbers, links to social media profiles and passwords stored as MD5 hashes. The data was self-submitted to HIBP by Wongnai.

Compromised Data

Dates of birth
Email addresses
Geographic locations
IP addresses
Names
Passwords
Phone numbers
Social media profiles

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Guardio

After a breach every click matters. Guardio’s AI-powered protection is the only solution that shields you from phishing, scams, and fake logins before they cause damage.

Try Guardio

Breach Overview

  • Affected Accounts:

    3.9 million

  • Breach Occurred:

    October 2020

  • Added to HIBP:

    4 Nov 2020

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
Guardio

After a breach every click matters. Guardio’s AI-powered protection is the only solution that shields you from phishing, scams, and fake logins before they cause damage.

Try Guardio