A hacker has leaked 40 million Wishbone user records that contain a treasure trove of information that could be used to perform phishing campaigns, account takeovers, and credential stuffing attacks. BleepingComputer has been able to independently confirm that the data is legitimate as it contains user records for people we know have used the app and who have confirmed the accuracy of the data. The data includes usernames, hashed MD5 passwords, mobile numbers, Facebook and Twitter access tokens, gender, date of birth, MD5, and much more.
Source: https://www.bleepingcomputer.com/news/security/hacker-shares-40-million-wishbone-user-records-for-free/