Breach of user data on its online storytelling platform

Synopsis

In July 2020, the company disclosed that they had been the target of a data breach, initially stating that no financial information, private messages or phone numbers were exposed. Shortly afterwards the company revealed an incident update on a support webpage, detailing the exact data that the malicious actors could have obtained.

The data potentially exposed included users’ email addresses, birthdates, gender information, IP addresses, Wattpad profile display names, account names, responses to website surveys distributed in 2015 or earlier, lists of paid stories and chapter titles purchased by a user, and any third-party IDs, such as Google or Facebook. It was reported that the company's stolen database contained 270 million records.

Analyst

Courtenay Brammar

Experienced global enterprise risk and governance professional. Previously Vice President at Morgan Stanley, Deloitte Risk Advisory practitioner and PRMIA steering committee member in both London and New York.

Additional services

We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.

If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.