Scraped data of 2.6 million Duolingo users released on hacking forum - eviltoast

The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.

  • Fox@unilem.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I totally understand you. It’s indeed quite an enormous task.

    I’ve been on the internet for 20 years, and just like you I used to use the same username, email, and password for everything. Slight variations for some stuff, but generally the same.

    A couple of years ago, I took the problem by the root, and went into my browser’s saved passwords, which I’ve migrates over a couple of times from Chrome and Firefox.

    I was shocked to find over 1200 unique entries, scattered over so many sites. Many of them I did not even recognize.

    I took it from the top and went down the list. Every site I would open, sign in to, and then change the password. If the site did not exist any longer, I would just remove it. If the site looked spammy, I would delete my account. If I couldn’t find a way to delete my account, I would change the email.

    Took me around 3 days to get through the list. There were quite a few duplicates, but also many that just didn’t exist. Ended up with around 500 entries, which I then exported and out into my new password manager Bitwarden.

    It feels good getting it done, but I also understand it’s a daunting task. To me it was fun to relieve some of the memories from my childhood.