{
	"id": "998d4657-9027-451d-924d-5f12d236e575",
	"created_at": "2026-04-06T00:11:29.881392Z",
	"updated_at": "2026-04-10T03:21:59.648583Z",
	"deleted_at": null,
	"sha1_hash": "5e64adc1b0556573fb8cfccd2ababec0a5719f47",
	"title": "Wattpad data breach exposes account info for millions of users",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1794458,
	"plain_text": "Wattpad data breach exposes account info for millions of users\r\nBy Lawrence Abrams\r\nPublished: 2020-07-14 · Archived: 2026-04-05 20:55:06 UTC\r\nAn allegedly stolen Wattpad database containing 270 million records were being sold in private sales for over $100,000.\r\nNow it is being offered for free on hacker forums.\r\nWattpad is a web site that allows members to publish user-generated stories on a variety of different topics. The site is\r\nimmensely popular and is ranked as the the 150th most visited site worldwide.\r\nSince July 7th, BleepingComputer has been tracking the rumored private sale of a Wattpad database containing over 200\r\nmillion records.\r\nhttps://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nIn an anonymous tip, BleepingComputer was told that this database was being sold by Shiny Hunters, a group known for\r\nselling company databases acquired in data breaches.\r\nAt the time, Cyber intelligence firm Cyble told BleepingComputer that this database was being sold for ten bitcoins, or\r\nalmost $100,000 at the time.\r\nBleepingComputer contacted Shiny Hunters about this breach, and at first, they were concerned about how we knew about\r\nthe sale, and then later denied having anything to do with it.\r\nA few sample records of this database seen by BleepingComputer contain user names, names, hashed passwords, email\r\naddresses, and general geographic location.\r\nBleepingComputer contacted the users in this sample, and one user confirmed with BleepingComputer that the listed\r\ninformation was accurate.\r\nBleepingComputer was told by Kiel Hume, Director of PR \u0026 Communications at Wattpad, that they are working with\r\nexternal security consultants to investigate the potential breach.\r\n\"We continue to investigate the information you’ve shared and its potential origins. At this time we’ve enlisted external\r\nsecurity consultants to aid our investigation. We take the security of our users and their data extremely seriously, and our\r\nteams will be working around the clock to uncover any new information.\"\r\nUpdate 7/14/20 4:08 PM EST: Hume sent BleepingComputer an updated statement saying that Wattpad is working to\r\ncontain and remediate the breach, but that no financial information, phone numbers, stories, or private messages were\r\naccessed during the incident.\r\nWe are aware of reports that some user data has been accessed without authorization. We are urgently working to\r\ninvestigate, contain, and remediate the issue with the assistance of external security consultants.\r\nFrom our investigation, to date, we can confirm that no financial information, stories, private messages, or phone numbers\r\nwere accessed during this incident. Wattpad does not process financial information through our impacted servers, and active\r\nWattpad users’ passwords are salted and cryptographically hashed. \r\nWe are committed to maintaining the trust that our users have placed in us to ensure the safety and security of the Wattpad\r\ncommunity.\r\nWattpad database now free on a hacker forum\r\nWhile the database was previously being sold for the high price of $100,000, the database is now being offered for free and\r\nclaims to contain 271 million users.\r\nToday, a new user was registered on a hacker forum using the name and photo of ZDNet reporter Catalin Cimpanu and\r\nbegan offering this alleged database for free.\r\nhttps://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\r\nPage 3 of 4\n\nCimpanu, who is a former reporter at BleepingComputer, is likely being impersonated due to his recent article about the\r\nhack of Vinny Troia's NightLion security firm, who claims to be revealing the identity of Shiny Hunters and other data\r\nbreach sellers this week.\r\nThe user offering this database claims that 145 million passwords are hashed with bcrypt, and the other 44 million are\r\nhashed with SHA256.\r\nThis mixture of hashing methods was used in the samples seen by BleepingComputer.\r\nThe number of users reported to be in this stolen database conflicts with the reported 80 million total users on Wattpad in\r\n2019.\r\nBleepingComputer has not independently verified this database's authenticity other than the limited samples shared with us\r\nlast week.\r\nUpdate July 20th: Wattpad released an updated statement that they are resetting all user's passwords \"out of precaution\".\r\n\"Out of precaution, and as is common in these situations, we are resetting passwords and advising users to change passwords\r\non other sites if they used the same password.\"\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\r\nhttps://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/"
	],
	"report_names": [
		"wattpad-data-breach-exposes-account-info-for-millions-of-users"
	],
	"threat_actors": [],
	"ts_created_at": 1775434289,
	"ts_updated_at": 1775791319,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5e64adc1b0556573fb8cfccd2ababec0a5719f47.pdf",
		"text": "https://archive.orkl.eu/5e64adc1b0556573fb8cfccd2ababec0a5719f47.txt",
		"img": "https://archive.orkl.eu/5e64adc1b0556573fb8cfccd2ababec0a5719f47.jpg"
	}
}