
Millions of Duolingo Users’ Data Available for Sale on Hacking Forum

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Duolingo, a popular language learning app, saw the scraped data of around 2.6 million users leaked on a hacking forum. The compromised data included users’ email addresses, phone numbers, real and login names, as well as information related to the Duolingo services they used.

The app, which boasts more than 74 million users, stated in January this year that it was investigating the leak, when samples of user information were posted on the now-defunct hacking forum Breached for $1,500.

According to the company’s initial statement, the attackers had not breached its systems; rather, the information was obtained from public sources. Nevertheless, the availability of leaked email addresses is concerning, as it exposes the affected individuals to phishing and social engineering attacks.

“No data breach or hack has occurred. We take data privacy and security seriously and are continuing to investigate this matter to determine if there’s any further action needed to protect our learners,” the company’s spokesperson stated.

First spotted and revealed by VX-Underground on the social platform X, the leaked dataset was available for sale on the new version of the Breached hacking forum for as little as $2.13.

The attackers obtained the information through an exposed application programming interface (API) that was first identified in March 2023. To exploit the API, an attacker only needs to submit a target’s email address or username to obtain a JSON file containing the public information that matches it.

Although the abuse of this API was reported by Duolingo and other cybersecurity researchers earlier this year, it continues to be freely available on the web.

According to security researchers, scraped data containing public information is not too dangerous. However, when mixed with private, sensitive information, the data can be a potent weapon in the hands of threat actors, especially when carrying out phishing attacks.


BlackCat Ransomware Group Claims Responsibility for Seiko Data Breach Incident

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer


The notorious ransomware group BlackCat/ALPHV has claimed responsibility for the cyberattack on Japanese watchmaker Seiko. The July 28 data breach incident was disclosed by the company in a statement published earlier this month.

Japan-headquartered Seiko Group Corp., a manufacturer of clocks, watches, semiconductors, jewelry, and optical elements, employs around 12,000 people and has annual revenue of more than $1.6 billion.

The incident was first reported by the company on its website on August 10; however, it gained attention only after BlackCat added the company to its list of victims. The group also published samples of stolen data on its dark web site as proof. The shared data included scanned copies of employee passports, sales reports, new watch designs, alleged production plans, and lab test results.

In its notification, Seiko stated that an unauthorized third party or parties gained access to one of its servers and extracted information. The details of the compromised data were not disclosed in the statement; however, the company did reveal that it had launched an internal investigation.

“Subsequently, on August 2nd, we commissioned a team of external cybersecurity experts to investigate and assess the situation,” the statement read. “As a result, we are now reasonably certain that there was a breach and that some information stored by our Company and/or our Group companies may have been compromised,” revealed Seiko.

The company stated that it would continue the investigation to understand what type of information was accessed and extracted by the hackers. In addition to apologizing to its customers and business partners, Seiko also asked the latter to remain vigilant to avoid potential phishing attacks.

“[..] ask our customers and business partners to contact us immediately if you receive any suspicious or unusual emails or notifications from us. [..] Please take extreme precautions to prevent your own systems from harm. Tell your staff to refrain from opening such mails if possible or, if they were opened by mistake, to avoid accessing any included links,” read Seiko’s statement.

In recent months, the infamous ransomware gang has become well known for attacking enterprises such as Estée Lauder, NCR Corp., Casepoint Inc., and Reddit, among others.