ALERT: Data from 2.6 million Duolingo users stolen by hackers; understand

Recently, a worrying cybersecurity incident occurred involving the leak of data of 2.6 million users of the Duolingo.

This exposure took place on a forum frequented by hackers, which now makes it possible for malicious actors to carry out targeted attacks from phishing.

see more

Next solar eclipse is coming; see date, time and in which…

Registration open: competition for the Chamber of Deputies has salaries at…

Duolingo, renowned as one of the largest global language learning sites, has more than 74 million monthly users worldwide and has suffered from a hacker attack against its users.

The data was acquired through an application programming interface (API) that was exposed, and this exposure has been in evidence since at least March 2023.

Researchers have widely shared information on how to use this API, including through tweets and public documentation.

The API functionality makes it possible for any individual to enter a username as input and receive as output a JSON file containing public details of the respective user's profile.

Duolingo suffers from data leak

During the month of January of this year, a disturbing situation emerged involving the leak of information of 2.6 million Duolingo users.

This data was spotted for sale on the now-defunct Breached forum, with a stipulated price of $1,500, according to reports from Bleeping Computer.

This information has been found to contain a mix of authentic and public usernames, as well as of sensitive data, such as email addresses and internal details regarding the services offered by the Duolingo.

While real names and usernames are publicly available as part of user profiles on Duolingo, the biggest concern centers around email addresses.

During the period that the data was available for purchase, Duolingo communicated to TheRecord that this data had been obtained from publicly available information in user profiles.

At the same time, they were conducting an investigation to determine if additional security measures were needed.

However, the company did not explicitly address the fact that email addresses were also included in the leaked data. It is noteworthy that such addresses are not in the public domain, but remain under the domain of hackers.

At Trezeme Digital, we understand the importance of effective communication. We know every word matters, so we strive to deliver content that is relevant, engaging, and personalized to meet your needs.

Bolsa Família will have an additional R$ 50 for THESE families

This past Thursday, the 2nd, President Luiz Inácio Lula da Silva (PT) will sign the Provisional M...

read more

Ferrero Rocher: new line promises even more delicious chocolate

There is no doubt that Ferrero Rocher is a symbol of quality and a reference in chocolate. Happy ...

read more

In Venezuela, economic crisis leaves children out of school

Schools practically deserted. This was the scenario encountered on Monday, the 17th, by most publ...

read more
instagram viewer