/>
X

Quora discloses mega breach impacting 100 million users

Account info, passwords, emails, private messages, and user votes were exposed.
catalin-cimpanu.jpg
Written by Catalin Cimpanu, Contributor on
quora.png

Quora, one of the largest question-and-answer portals on the Internet, said today that hackers gained access to its servers and stole information on approximately 100 million of its users, which represents almost half of the site's total userbase.

The company disclosed the breach today but said it discovered the hack last week, on Friday. Quora is still investigating the incident but said it already determined that hackers accessed the following types of user information:

  • Account information (e.g., name, email address, encrypted password, data imported from linked networks when authorized by users)
  • Public content and actions (e.g., questions, answers, comments, upvotes)
  • Non-public content and actions (e.g., answer requests, downvotes, direct messages)

"The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious," said Adam D'Angelo, Quora CEO.

"Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content," he added.

"It is highly unlikely that this incident will result in identity theft, as we do not collect sensitive personal information like credit card or social security numbers," the company added later today in a help page regarding the incident.

The site has already taken steps to log out all Quora users who may have been affected. Users who used a password to secure their account have already had their password invalidated and will need to choose a new one the next time they log in.

Quora said it's in the process of notifying all users who it believes were impacted by the hack. The company said that not all users were affected and that "some were impacted more than others."

The tech site also said it already took steps to "contain the incident" and prevent future unauthorized access to its servers. The company said it's still looking into the cause of the breach together with a digital forensics firm. Quora also notified law enforcement.

This is the second hack of a major tech firm in the past week after Dell announced a similar breach of its Dell.com online accounts last week.

These are the worst hacks, cyberattacks, and data breaches of 2018

More data breach coverage:

Related

Android apps on Windows: Microsoft's Windows Subsystem for Android just got a big update
shutterstock-1320843212.jpg

Android apps on Windows: Microsoft's Windows Subsystem for Android just got a big update

Smartphones
Amazon updates the Fire 7 with USB-C, improved battery life and a small price increase
fire-7-colors-2.jpg

Amazon updates the Fire 7 with USB-C, improved battery life and a small price increase

Tablets
Marriott has a twisted new idea to make you happy (you may need to lie down)
istock-807836562.jpg

Marriott has a twisted new idea to make you happy (you may need to lie down)

Business