Duolingo data breach exposes data of 2.6 million users
The personal information of over 2.6 million users of the popular language learning app Duolingo has been compromised. Duolingo data breach has led to the leaked data being posted on a hacking forum, posing significant risks to the affected users.
The breach involves the unauthorized scraping of personal information from Duolingo's user database. Attackers gained access to sensitive user data, including usernames, email addresses, and potentially even hashed passwords.
X user FalconFeedsio has shared a screenshot of a user from the dark web who sells the information they received with the Duolingo data breach.
The DuoLingo database (scraped) has been listed for sale in a hacker's forum. According to the user, the claimed data contains 2.6 million account entries.#databreach #cyberrisk pic.twitter.com/7jttRnncpM
— FalconFeedsio (@FalconFeedsio) January 24, 2023
Information revealed in Duolingo data breach on the dark web
The stolen data was subsequently released on a prominent hacking forum, accessible to cybercriminals and threat actors.
This exposure raises concerns about the potential misuse of the leaked information for various malicious activities, such as targeted phishing attacks.
Affected users now face an increased risk of falling victim to phishing attempts and identity theft.
With email addresses in the hands of cybercriminals, users might receive deceptive messages designed to steal further personal information or spread malware.
Duolingo is on the case
According to The Record, Duolingo has acknowledged the breach and is actively investigating the extent of the incident.
The spokesperson for Duolingo has said: “These records were obtained by data scraping public profile information,”.
The company is likely to take measures to enhance its security protocols, potentially implementing two-factor authentication and security awareness initiatives.
Read also: Cybersecurity experts develop a dark web-trained AI
Users are strongly advised to change their Duolingo account passwords immediately.
Additionally, they should be cautious of unsolicited communications, especially those requesting personal or financial information.
Featured image credit: Duolingo
Advertisement