What happened?
Earlier this month, we were made aware that limited customer data may have been improperly accessed. We took immediate action to contain and remediate the issue. We also retained external security experts to assist in our active investigation into the issue.
What type of information was exposed?
The investigation, to date, indicates that the following types of information may have been involved:
Email addressDate of birth and gender (if provided)IP address upon sign up, if signed up before 2017 Profile display nameAccount name and salted and cryptographically hashed passwordsResponses provided to surveys distributed in 2015 or earlierList of Paid Stories and chapter titles purchased by a userAny third-party account IDs, such as Google or Facebook. Passwords associated with third-party accounts are not stored on our systems and are unaffected.
We want to stress that Wattpad does not store plain text passwords; all Wattpad passwords are encrypted. User stories, private messages, and phone numbers were NOT part of this incident.
Was any financial information accessed? What about financial information to process payments for Paid Stories?
We do not store financial information on the affected system, so no financial information was accessed as a result of this incident. Paid Stories purchases are processed through third-party vendors and were also not part of this incident.
Is there any potential impact on users?
Given the type of information that we have about our users, we think it's unlikely that this will meaningfully affect our users. Wattpad does not store plain text passwords, and Wattpad passwords use encryption. However, out of an abundance of caution, we are enhancing our password requirements for all accounts and asking our users to change their passwords.
User stories, private messages, and phone numbers were NOT part of this incident. Additionally, our investigation has not identified any signs that financial or payment information was involved. Wattpad does not maintain financial information on the affected system. Paid Stories purchases are processed through third-party vendors that were not part of this incident.
Is it safe for users to continue using their accounts?
Yes. Out of an abundance of caution, we are suggesting that our users change their passwords.
What can users do to protect accounts?
Although we use encryption to store passwords, as a precaution, we are enhancing standards required for passwords on our platform and recommending users change their passwords on Wattpad and any other third-party accounts where they use the same passwords.
Why did Wattpad reset passwords?
Encrypted passwords were accessed as part of this incident. As a precaution, and as is common in these situations, we are recommending users change their passwords and advising users to change passwords on other sites where they used the same passwords. The plain text data was encrypted and not visible; however, because the security of our users is a top priority we felt it was important to proactively inform our users and prompt them to change their passwords out of an abundance of caution.
Should users also reset passwords for their other accounts?
As a matter of practice, users should change passwords on a regular basis, not use the same password more than once, and use a password manager. In line with practicing password hygiene, we recommend users change their passwords on other sites they may have re-used the same password that they used on our platform.
Has this issue been resolved? What has Wattpad done to fix it?
As soon as this incident was discovered, our teams worked urgently to identify, contain, and remediate the issue and perform an extensive security investigation. We also engaged third- party security experts to run a forensic security audit. While our investigation continues, we will be reviewing ways in which we can bolster the security of our corporate infrastructure technology to help protect against similar incidents in the future.
Has Wattpad reported this incident to law enforcement?
Yes, as the security of our community and user data is our highest priority, we notified law enforcement. We have also engaged third-party security experts to assist in our investigation.
Why didn't Wattpad tell users sooner?
Once we became aware that there might be an issue, we immediately began investigating and have been urgently working to understand the depth of this security incident. At the same time, our team members were working to confirm that our systems and user data was secured. Containing and remediating the incident were a matter of foremost priority
THIS IS WRITTEN BY WATTPAD. Visit the original article here:
https://support.wattpad.com/hc/en-us/articles/360046141392-FAQs-on-the-Recent-Wattpad-Security-Incident
YOU ARE READING
Wattpad Strategies No One Told You About ✔
Random❝ If you are one of the people who made another account just to vote on your own book, read this because you are not the only one. ❞ I've been on Wattpad since 2013, and believe me when I say I discovered a lot. - cover design by @Milochondria - © 2...