"Massive Data Breach Exposes 2.6 Million Duolingo Users to Hackers"
The scraped data of 2.6 million Duolingo users, including email addresses and internal information, has been leaked on a hacking forum, potentially enabling targeted phishing attacks. The data was obtained through an exposed API that allowed anyone to retrieve user profile information, including email addresses. While Duolingo confirmed that the data was scraped from public profiles, they did not address the inclusion of non-public information. Companies often dismiss scraped data as not a concern, but the mixture of public and private data increases the risk and potential violation of data protection laws.