Private details of at least 1000 Australians have been exposed by hackers who have cracked the security of an app that is a favourite with teenage girls.

Hackers have stolen a Wishbone app database containing more than 2.2 million email addresses, mobile phone numbers, full names, gender and birth dates and have circulating them on the internet.

Australian security researcher Troy Hunt, who runs the well-known hacking warning site Have I Been Pwned, this week was alerted to the presence of the database being circulated.

Science Inc, the makers of the app, issued a statement to Motherboard that “the vulnerability has been rectified”, indicating that the security flaw that let the hackers in has been fixed although the information is now out there.

Mr Hunt told News Corp Australia that there was at least 995 records where either the number begins with +61 or the email ends with a com.au, indicating that they are Australians.

“Of course there’ll be a lot more Aussie data in there due to the fact that so many of us use Gmail, Outlook etc and have .com email addresses,” he said.

Teach kids about smart online use

“I urge every parent to check with their child to determine if they’ve used this app. Look through the settings of any other app they are using and see if any personal information is stored in them. If it is, try to remove the information, or remove the app all together,” said RJ Gazarek, product manager at password protection firm, Thycotic.

“While a breach like this reminds us of the dangers the internet can bring, it’s important for parents to teach their kids about safe internet habits on an ongoing basis.

“While the internet has brought us many great treasures, it’s availability on smartphones, tablets, laptops, and gaming devices makes the exposure and use of the internet nearly impossible to avoid.

“Whether a child uses an app on their smartphone, a computer at school, or borrows a friends phone to play around on, the dangers are there and it’s important to teach kids how vital it is never to put any personal information into these apps.”

How to avoid your details falling into the wrong hands

Nathan Wenzler, chief security strategist at AsTech security company, said identify theft was “incredibly problematic”, particularly for teenagers who had a “what’s the big deal?” approach to the problem.

“Parents must help their children understand why protecting their identity is important, especially before they’ve reached adulthood and will be opening back accounts, credit lines and applying for loans,” he said.

“Not sharing personal information when asked for it, using strong passwords and changing them on a regular basis, and learning to monitor for strange activity or new accounts being opened in their names are all important concepts that should be taught.”

Mr Wenzler urged parents to perform online searches periodically to see it their children’s information has been exposed online.

Share your comments below.

Stock photo

  • know what your kids are doing online and maybe restrict them from it until they fully understand the dangers of the internet


  • Oh no, such a scarey thing to happen but all too common and all too easy it seems nowadays


  • Such an easy thing to happen these days – parents have to be careful when teaching their children.


  • I get the ‘what’s the big deal’ attitude so it is so important to explain the full picture and implications of online security


  • Oh my goodness, this is very concerning stuff.


  • Children need to be educated about what they put out there in cyberspace.


  • Wow, I’ve never even heard of this App. I’m concerned about how quickly new apps appear and are adopted by our teens. As adults, I find it so hard to keep up.

    • I agree – there are a lot of apps and sites to keep up with – knowledge about what is out there in the domain is so important.


  • Never heard of the app either, but glad that the details weren’t more personal. Not hard to find someone’s email or phone number, things like that from social media sites anyway. Bank details etc are where you need to be super cautious.


  • Haven’t heard of this app. Good reminder to be super careful, this is such scary stuff. Have another cyber safety chat with my eldest now.


  • Never heard of this app, my kids don’t use it. Good to be warned and teach our kids to be cautious.


  • I am always saddened and dismayed by these stories as they cause some much anxiety for people that have used these apps. Ultimately we have to be responsible for protecting our information, but companies do have an obligation to protect the information of consumers. If they don’t people will no doubt look elsewhere for secure apps and sites.


  • I would remove the app straight away if l had used it!


  • I have never had a Yahoo account. I do have a Gmail account but rarely use it and it doesn’t have an financial details on it. I don’t do banking on email or other electronic device at all. I know a lot of businesses do.


  • SCARY stuff and I like his tips but seriously this is the day and age we live in and we all (and I mean ALL) must be cautious. My first email account was YAHOO ..it did not take me long to realise they had been compromised and that was well before they put out the warning. Seriously a place to set up an email account and that’s not even safe, snail mail being stolen out of letter boxes and the list goes on. It’s a dangerous place we live in at times.


Post a comment
Like Facebook page

LIKE MoM on Facebook

Please enter your comment below
Would you like to include a photo?
No picture uploaded yet.
Please wait to see your image preview here before hitting the submit button.
Your MoM account

Lost your password?

Enter your email and a password below to post your comment and join MoM:

You May Like


Looks like this may be blocked by you browser or content filtering.

↥ Back to top

Thanks For Your Star Rating!

Would you like to add a written rating or just a star rating?

Write A Rating Just A Star Rating