Duolingo Users Beware: Troubling News Has Surfaced

They know about languages, but we'll leave cybersecurity for another day.

Duolingo Users Beware: Troubling News Has Surfaced
Chema Carvajal Sarabia

Chema Carvajal Sarabia

Who hasn’t used Duolingo at some point to learn a second language? As the world’s most famous app for learning new languages, the ones affected by today’s news number in the millions. Myself included.


According to Bleeping Computer, some 26 million app accounts are directly affected.

The public and private data was obtained through an application programming interface (API) and offered on a hacker forum in January.

Usernames and real names, email addresses, phone numbers and courses studied were part of the collection offered for 1.500 dollars.

Data that, fortunately, nobody wants

Now, this data has resurfaced on a different forum, at a substantially lower price, just a few dollars.

The API that provided this user data is still publicly available. Usernames queries retrieve public profile details, while submitting an email address reveals private data such as profile pictures, location, and whether a Facebook or Google account is linked, as discovered by researchers.

Collectively, this data can aid scammers and hackers in crafting more personalized phishing attempts.

Unfortunately, Duolingo users can’t expect much protection from the service. When this data first emerged, the company categorized the lost data as “public profile information.”

What can be done?

The usual. Avoid opening emails from unknown senders whenever possible and, above all, do not click on links or download files from them.

You can also anonymize your online profiles. Remove your real name, disconnect your Google and Facebook accounts, and upload a generic avatar image.

Consider using a secondary email address or one created specifically for this purpose. This way, it will be easier for you to avoid falling into hackers’ traps. By the way, you can download the app for free here.


Some of the links added in the article are part of affiliate campaigns and may represent benefits for Softonic.

Chema Carvajal Sarabia

Chema Carvajal Sarabia

Journalist specialized in technology, entertainment and video games. Writing about what I'm passionate about (gadgets, games and movies) allows me to stay sane and wake up with a smile on my face when the alarm clock goes off. PS: this is not true 100% of the time.

Latest from Chema Carvajal Sarabia