541
Scraped data of 2.6 million Duolingo users released on hacking forum
(www.bleepingcomputer.com)
This is a most excellent place for technology news and articles.
Take this with a pinch of salt but what I'm gathering is that it's essentially just taking people's public profiles but the Duolingo api also exposes users' e-mail addresses (and possibly other info) that isn't normally displayed as part of the user's public profile via their app.
In essence, they're exposing more data than they probably should be and users were not really aware that data was being made public - that's why people are upset about it.
Ok, this makes sense -- in which case the API should not be exposing data that isn't otherwise available on the public profile, so that is significant.