API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails & Names

111@zerobytes.monster · 2 years ago

Taringano@lemm.ee · 2 years ago

What kind of public api has access to the full user list?

Excel@lemmy.megumin.org · 2 years ago

It’s the API that ALLOWED the misuse in the first place, so the developers are the ones to hold accountable.

Oliver Lowe@lemmy.sdf.org · 2 years ago

This is a tricky one. Are the developers themselves responsible or also managers and leadership? I don’t have an answer to this.

Joshua Nozzi@lemmy.ml · 2 years ago

deleted by creator

shotgun_crab@lemmy.world · edit-2 2 years ago

I’d call this API misdesign instead

Taringano@lemm.ee · 2 years ago

The worst is they paint it as “not a real leak” or “not a security issue” when it’s even worse than that.

sik0fewl@kbin.social · 2 years ago

No no no. It’s a public API so it doesn’t count!

sharkfucker420@sh.itjust.works · 2 years ago

Crap, I can’t remember what email I used or what name was on it

Treefox@lemmy.ml · 2 years ago

I used my spam email and my name on there is a meme so I’m not really worried.

API Misuse: Hacker Leaks 2.6M Duolingo Users' Emails &amp; Names