Statement Regarding Recent Security Issue

Filipino

Español

Português

Bahasa Indonesia

Français

 

We recently learned that some of our user data may have been improperly accessed. We have taken immediate action to contain and fix the issue, and we are continuing to investigate with assistance from external security experts. 

 

The investigation, to date, indicates that the following types of information may have been involved:

  • Email address
  • Date of birth and gender (if provided)
  • IP address upon sign up, if signed up before 2017
  • Profile display name
  • Account name and salted and cryptographically hashed passwords
  • Responses provided to surveys distributed in 2015 or earlier
  • List of Paid Stories and chapter titles purchased by a user
  • Any third-party account IDs, such as Google or Facebook. Passwords associated with third-party accounts are not stored on our systems and are unaffected.  

 

We want to stress that Wattpad does not store plain text passwords; all Wattpad passwords are encrypted. User stories, private messages, and phone numbers were NOT part of this incident. Financial or payment information are not stored on affected systems and, based on the investigation to date, were not affected in this incident. 

 

Although we use encryption to store passwords, as a precaution, we are taking steps to enhance the standards we use for passwords on our platform and we are recommending you change your password on Wattpad and any other third-party accounts where you use the same password. Here is a link to our Help Centre article to guide you through the process. Please note that Wattpad will never ask you for your password except to sign in to your account, and we will only do this on the Wattpad domain.  If you changed your password after July 21, you do not need to change your password again.

 

Practicing password hygiene — such as changing passwords on a regular basis, not using the same password more than once, and using a password manager — is highly recommended, and makes it less likely that a bad actor could gain access to accounts across services that use the same password.

 

The safety and security of the Wattpad community and your data is our highest priority. We are continuing to investigate this issue, and are assessing additional measures to enhance our security protocols and procedures.  

 

- The Wattpad team

 

 

 

 

 

 

 

 

 

Aming napag-alaman kamakailan na ang ilan sa aming user data ay maaaring na-access nang walang pahintulot. Maagap namin itong tinugunan upang mapigil at maiayos ang isyu, at patuloy pa namin itong sinusuri katulong ang mga external security expert.

 

Ayon sa pinakahuling pagsisiyasat, lumabas na ang mga sumusunod na uri ng impormasyon ay maaaring nailagay sa kompromiso:

 

  • Email address
  • Petsa ng kapanganakan at kasarian (kung ibinigay)
  • IP address
  • Profile display name
  • Ang pangalan sa account at salted and cryptographically hashed na mga password
  • Ang mga sagot na ibinigay sa mga survey na ipinamahagi noong 2015 o mas maaga
  • Listahan ng Paid Stories at pamagat ng mga kabanata na binili ng isang user
  • Anumang third-party account IDs gaya ng Google o Facebook. Ang mga password na nauugnay sa mga third-party account ay hindi naka-imbak sa aming system at hindi apektado.

 

Kahit na ang password ay kasama sa listahan ng impormasyong maaaring na-access, nais naming bigyang diin na ang Wattpad ay hindi nag-iimbak ng mga plain text password, at ang lahat ng mga password sa Wattpad ay gumagamit ng state-of-the-art encryption technology. Ang mga kwento ng mga user, pribadong mensahe, at mga phone number ay HINDI bahagi ng pangyayaring ito. Dagdag pa rito, aming nasiyasat na hindi kasama o nasangkot dito ang mga impormasyon patungkol sa pananalapi o pagbabayad.

 

Bagaman gumagamit kami ng malakas na encryption upang mag-imbak ng mga password, bilang pag-iingat, inirerekumenda namin na agad ninyong baguhin ang inyong password sa Wattpad, pati na sa ibang mga third-party account kung saan ginagamit ninyo ang parehong password. Narito ang isang link sa aming artikulo sa Help Center upang gabayan kayo sa proseso. Mangyaring tandaan na hindi kailanman hihingiin ng Wattpad ang iyong password maliban sa pag-sign in sa iyong account, at gagawin lamang namin ito sa domain ng Wattpad.

 

Nirerekumenda naming sanayin nating gawin ang password hygiene, tulad ng regular na pagpapalit ng mga password, ang hindi pag-uulit ng iisang password, at paggamit ng password manager. Sa ganitong pamamaraan, mas mababa ang posibilidad na makakuha ang ibang tao ng access sa mga accounts sa mga serbisyong gumagamit ng parehong password.

 

Ang kaligtasan at seguridad ng komunidad ng Wattpad at ang iyong data ay ang aming pinakamataas na priyoridad. Patuloy naming sisiyasatin ang isyung ito kasabay ng pagsusuri ng mga karagdagang hakbang upang mapahusay ang aming mga protocol at pamamaraan sa seguridad.

 

Ang Wattpad Team

 

Was this article helpful?
127 out of 164 found this helpful

Comments

Article is closed for comments.