Top arcade game maker leaks nearly 19 million user records via WeChat mini app
Wahlap, a major arcade game maker, has exposed nearly 19 million user records through an unsecured Elasticsearch instance linked to its WeChat mini-programs. The leaked data includes sensitive information such as phone numbers and unique user IDs, raising concerns about potential phishing and fraud. Although the archive has been secured post-disclosure, there is currently no evidence that the data was exploited.
- ▪Wahlap left an open Elasticsearch instance exposing 18.9 million records tied to its WeChat mini-program ecosystem.
- ▪The exposed data includes 6.6 million unique Union IDs and 1.7 million phone numbers.
- ▪Researchers warn that the data could be used for targeted phishing attacks and fraud.
Opening excerpt (first ~120 words) tap to expand
Pro Security Top arcade game maker leaks nearly 19 million user records via WeChat mini app News By Sead Fadilpašić published 21 May 2026 Millions of users may have had data leaked When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Wahlap left an open Elasticsearch instance exposing 18.9 million records tied to its WeChat mini‑program ecosystemData included 6.6 million unique Union IDs, 1.7 million phone numbers, and personal details that could enable targeted phishing and fraudThe archive was locked down after…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
