541
Scraped data of 2.6 million Duolingo users released on hacking forum
(www.bleepingcomputer.com)
This is a most excellent place for technology news and articles.
The thing is the average person either can't or can't be bothered to remember even a dozen actually secure passwords, so they fall back to a couple of simple derivations of a common password, meaning each and every site a user signs up on represents an additional single point of failure.
That's a good point.