In January 2020, the mobile app to "compare anything" Wishbone suffered another data breach which followed their breach from 2016. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Passwords stored as unsalted MD5 hashes were also included in the breach. The data was provided to HIBP by a source who requested it be attributed to "All3in".
Accounts breached: 9705172
Breached on: January 27, 2020
Exposed data: Auth tokens, Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Names, Passwords, Phone numbers, Profile photos, Social media profiles, and Usernames
Domain: wishbone.io
Added on: May 28, 2020