Wattpad Breach

Wattpad suffered a major data breach in June 2020 that exposed hundreds of millions of user records, making it one of the largest known breaches involving a consumer storytelling platform. Data associated with the incident included approximately 270.9 million rows, and DataBreach.com found the exposed information included passwords, email addresses, and names.

The breach appears to have involved a broad set of account data tied to Wattpad users. Public reporting at the time indicated that exposed information included usernames, email addresses, dates of birth, gender, and password data. Wattpad later said affected passwords had been encrypted, but the scale of the incident still created significant risk for users, particularly because large identity datasets can be repurposed for credential stuffing, phishing, impersonation, and account takeover attempts across other services.

What made the Wattpad breach especially notable was the size and nature of the platform itself. As one of the internet’s largest communities for online storytelling and fan fiction, Wattpad held data on a vast global user base, including many younger users. That made the exposure more than a routine credential leak: it was a breach involving a high-volume social and creative platform where account identity, profile information, and community participation all carried potential downstream privacy risk.

The stolen database was reportedly circulated in private channels before later becoming more widely available, increasing the likelihood of reuse by other threat actors. Even when passwords are encrypted rather than stored in plaintext, large breach datasets like this remain highly valuable because they can be combined with older leaks, password cracking efforts, and social-engineering campaigns to target affected users over time.