My account was hacked
Hello everyone, I'm pretty sure my account got hacked. The hacker set a rather disturbing description on my profile and followed a bunch of people, I'm pretty sure that's all was done. I have no idea how they got into my account and I'm wondering if anyone else is having this problem too.
Yes, there are multiple users who run into that problem; also on Memrise.
Abuse report: https://support.duolingo.com/hc/en-us/requests/new
I am not sure how they can directly help you.
Only thing you can personally do is change your password and clear the bio field in your settings.
I am not sure if you can force a 100% logout on ALL devices on duolingo.com (clear your login cockie sessions) after you have changed your password.
Maybe their abuse team can help you further which for sure stands in direct contact with 3rd level administrators / backend developers.
Thank you, I emailed the support team and deleted cookies. I’ll see if that prevents anything
Quote: I deleted cookies.
I did not mean YOUR browser cookies but the login session cookies which are hold and may be still valid on their server(s).
If a hacker is still logged into your account on another device it may not be enough that YOU log out on your side.
As I said, I have no idea if Duolingo developers do invalide all cookies and terminate ALL sessions (for ALL devices) once you have changed your password and re-login.
You may want to ask this staff directly in the ticket.
When I changed my password it logged me off my phone so I’m guessing if my account was logged in somewhere else, it’s logged off. What I still don’t know is how someone got into my account in the first place
With an easy password it's pretty easy for bots to hack into accounts and post Spam. That's why your account bot followed so many people because lots of people get email notifications when someone "friends" them and so these people (hopefully from the spam producer's side) look at the profile to see who likes them so much and then they see the malicious link. Basically free advertising.
Well the original article is not available for some reason but the google cache copy still is:
It's quite interesting.
But you might want to change all your passwords now, including for your email accounts and so on.
This is the standard answer we usually share with people who suspect someone else used their account:
1) Were you using a password that you use on other services (email, shopping sites, twitter, facebook, etc?). 2) Were you in a Duolingo for Schools classroom with a teacher you do not know? 3) Did you log in to Duolingo on a shared computer or device and forgot to log out?
Most importantly, have you changed your Duolingo password? If not, you should first make sure you have a valid email address (double check that it is indeed yours and wasn't changed by the prankster) on your Duolingo account, and please change your password now.
Remember: make sure the new password is something tricky (not your birthday or the word "password") and unique to Duolingo (a password you don't use on other apps and websites).
yeah, it's truly mysterious to me why would anyone want to hack a duolingo account :)
Yeah, I’m just as confused as you. I don’t see any reason to hack an account other than soliciting scams lol