People who use the Wishbone app are recommended to change their passwords as soon as possible to complex and unique passwords, different on each website, using uppercase and lowercase letters, numbers, and special characters. A common attack from these breaches is called credential stuffing. This attack uses breached login credentials to try to log in to multiple services, which is why it is imperative to make each login unique to each service. Companies, to stop breaches from happening, should perform routine penetration tests as part of their security audits. Another important aspect of a security program is to continuously monitor workstations and servers for signs of attacker behaviors. This can be accomplished with an internal team or by employing a managed security monitoring service such as the Binary Defense Security Operations Center which can detect and defend from attacks by monitoring a company’s endpoints. To read more: https://www.zdnet.com/article/hacker-selling-40-million-user-records-from-popular-wishbone-app