Ducks Unlimited Data Breach

If you are a member of Ducks Unlimited, your personal information, including your date of birth, email address, and password to the Ducks Unlimited website may have been exposed in a Ducks Unlimited data breach.

According to Risk Based Security in an article here (scroll down a bit), the breach was from a database of 2 million users that was found on an unsecured backup. According to their research, the database was from January 2021. The information contained the more than 400,000 website user names, email addresses, physical addresses, phone numbers, dates of birth, partial credit card numbers and passwords that were stored in an easily hacked format.

I searched the Ducks Unlimited website along with Google and did not find any acknowledgement from the organization that Ducks Unlimited data breach happened. However, as someone who has been in the web industry as both a developer and hosting business owner I would caution you to take steps to secure your information before your other accounts might be hacked.

How to check if your data was involved in the data breach

Go to the website haveibeenpwned.com and enter your email address to check for yourself. Despite its spelling, the website is a reputable source for checking your email address and phone against known data breaches.

Steps you can take to protect your data

If you are a member of Ducks Unlimited, log in to the website and change your password to something completely unique and something that you do not share with other accounts, such as bank accounts, etc.

Did you use the same password at Ducks Unlimited that you did with other accounts? If so,  change ALL of those passwords as soon as possible, especially those of your email address, bank accounts, credit accounts, crypto accounts, etc. If it has anything to do with your money or your email account, change it.

Finally, if you have any questions, feel free to leave a comment below.