ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Wishbone (2016) Data Breach

wishbone.io
Significant exposure
Verified breach
Accounts exposed 2,247,314
Breach date 07 Aug 2016
Added to tracker 15 Mar 2017
Data classes 7

What happened

In August 2016, the mobile app to "compare anything" known as Wishbone suffered a data breach. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.

Exposed data

Auth tokens Dates of birth Email addresses Genders Names Phone numbers Usernames

Recommended actions

  • Watch for targeted phishing emails referencing Wishbone (2016) โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP