In September this year, Zynga announced "While the investigation is ongoing, we do not believe any financial information was accessed. However, we have identified account login information for certain players of Draw Something and Words With Friends that may have been accessed. As a precaution, we have taken steps to protect these users' accounts from invalid logins. We plan to further notify players as the investigation proceeds."
However, the HaveIBeenPwned site suggests a different story. "In September 2019, game developer Zynga (the creator of Words with Friends) suffered a data breach. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by dehashed.com."
In addition, anyone who played the games via Facebook also had their Facebook ID and phone number (if provided to Facebook) revealed in the breach.
Starting in 2007 and moving forward with such games as Farmville, CityVille, Hit It Rich, Zynga Poker, CSR Racing and many others, Zynga's games are available for play on Facebook, iOS and Android platforms.
Of course because the passwords were salted, the task of reversing the hashes back to plain text is significantly more difficult for the 'intruders,' but not impossible.
Other reporting suggests that the hack is significantly more pervasive than Zynga has admitted, although confirmation has not yet been obtained.
Once final concern is the sale by Zynga's director Ellen F. Siminoff of 5000 shares in the company just 4 days ago, and prior to any public announcement of the latest breach. This was disclosed in a formal filing to the US SEC. No investigation is currently pending.