Which is to say, there's no guarantee that it can't be stolen. Nobody who connects a database to the Internet can guarantee that. There will always be a better hacker out there.

However, we ask for significantly less information than, say, social media platforms. Social media platforms pester you for your real name, your phone number, the city you live in, your contacts list, you name it. To join DU, you only need to provide an email address.
We also collect your IP address when you visit.

So technically, could someone break into DU's database and associate an email address with an IP address? Yes. Could your IP address be used to track down your identity? Yes, if the person doing the tracking had access to your service provider's IP logs (not an easy feat).

There are ways to anonymize yourself even further on DU -- use a throwaway email address, or connect with a VPN. If you do that, we have no information about you that could be used to get your identity.

There are places on your profile where you can enter information if you want, but it's voluntary. If you enter something there and then delete it, we don't keep that information. And of course anything you post on the forums is available to the public and can be downloaded, stored, or archived by sites like the Internet Archive.

So that's about the long and short of it. You can reveal as much or as little information about yourself as you want when you visit DU. But if someone was going to create an enemies list based on website users, in my opinion they would have a far easier time just using social media sites like Facebook, which contain vast quantities of personal data and the means to connect it all together to tell you almost anything you want to know about a person, instantly. DU's data is microscopic by comparison, and far less easy to connect together.