Scraped data of 2.6 million Duolingo users released on hacking forum - eviltoast

The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.

  • z4x15@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    I’m so glad I switched to duck email. Might as well changes it again and block the old email.

      • Fox@unilem.org
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        1 year ago

        Only one thing to do… Start over fresh.

        I just did this a few months ago, and it feels really good to have a proper set-up now, with privacy respecting companies all around.

          • Fox@unilem.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Finding the right email provider is what took me the longest, really. Went over all the options multiple times, constantly finding new alternatives and adding them to my list.

            There’s nothing right, and there’s nothing wrong when it comes to this. You’re gonna have to try out a few, and see what feels right for you.

            You should take into account what’s the most important for you;

            • Lots of space?
            • Lots of aliases?
            • Custom domain support?
            • Clean user interface?

            You’re probably gonna have to come to the realization that you will need to pay for it. You know, the old saying “If you’re not paying, you are the product”…

            If privacy is your number one concern, you should check out these three options:

            • Protonmail
            • Tutanota
            • Skiff

            Those are the ones that ended on my final list, and from those I chose Proton, mainly because I’ve used them for a long time already, and they have really good apps.

            Tutanota is the more simple alternative, which is also the cheapest option. They recently changed their premium packages, but you can still buy the old ones using a small trick.

            Skiff actually came after I already decided on Proton, and I’m not sure I’d have gone with Proton if I saw Skiff a bit earlier. Really looking like a great alternative, and they are offering enough in the free tier to be completely viable, even without a subscription.

            To prevent spam, and protect your email, you need an aliasing service, and fortunately this is more simple, since there’s only 2 on the market;

            I went for AnonAddy, because of the price and it being independent. You can get SimpleLogin included with the expensive Proton subscription, but I’m not really prepared to spend 10 bucks a month for email.

            My setup is to use a unique alias for every single website. These aliases are generated through addy.io, using my custom domain. That way I can easily toggle off an address, if spam starts coming in, but I can also change provider to for example SimpleLogin, if anything happens with addy.io.

            That’s just my setup, which I understand can seem a bit complicated to some, but it gives me the freedom, security, and peace of mind that I’m looking for.

        • Unsustainable@lemmy.today
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          I’m in the process of doing that. It’s not a quick and easy process. I was so lazy with password, that I would just use a variation of 3 different passwords for everything because that’s all I could remember. Then I had a password exposed, so I decided to change all my passwords to unique passwords and use a password manager. I was shocked to see that I had 126 passwords saved in my browser. That took a long time to go through and change the email and passwords to everything.

          • Fox@unilem.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I totally understand you. It’s indeed quite an enormous task.

            I’ve been on the internet for 20 years, and just like you I used to use the same username, email, and password for everything. Slight variations for some stuff, but generally the same.

            A couple of years ago, I took the problem by the root, and went into my browser’s saved passwords, which I’ve migrates over a couple of times from Chrome and Firefox.

            I was shocked to find over 1200 unique entries, scattered over so many sites. Many of them I did not even recognize.

            I took it from the top and went down the list. Every site I would open, sign in to, and then change the password. If the site did not exist any longer, I would just remove it. If the site looked spammy, I would delete my account. If I couldn’t find a way to delete my account, I would change the email.

            Took me around 3 days to get through the list. There were quite a few duplicates, but also many that just didn’t exist. Ended up with around 500 entries, which I then exported and out into my new password manager Bitwarden.

            It feels good getting it done, but I also understand it’s a daunting task. To me it was fun to relieve some of the memories from my childhood.