API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names

111@zerobytes.monster · edit-2 1 year ago

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names

breadsmasher@lemmy.world · 1 year ago

Surely allowing access to this personal data via a public API is a data breach? Its just taking it from something that shouldnt have exposed it rather than hacking into a system

towerful@programming.dev · 1 year ago

Yeh.
Same as if it was a CSV mailing list on an unprotected URL or whatever.
The term “data breach” suggests there was security there to be breeched. Maybe it needs a better term?

unscholarly_source@lemmy.ca · edit-2 1 year ago

Data leak? In the security field, they categorize it as “information disclosure”… But it doesn’t have the same level of gravitas to it

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails &amp; Names

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails &amp; Names

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names