API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names
API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names
www.hackread.com
API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names
8 comments
8 comments
API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names
API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names
Surely allowing access to this personal data via a public API is a data breach? Its just taking it from something that shouldnt have exposed it rather than hacking into a system
Yeh.
Same as if it was a CSV mailing list on an unprotected URL or whatever.
The term "data breach" suggests there was security there to be breeched. Maybe it needs a better term?
Data leak? In the security field, they categorize it as "information disclosure"... But it doesn't have the same level of gravitas to it