Quora becomes latest victim of data breach; around 100 million users affected

Daniel Fowler
December 4, 2018

Quora, one of the largest question-and-answer portals on the Internet, said today that hackers gained access to its servers and stole information on approximately 100 million of its users, which represents nearly half of the site's total userbase.

Today's big data breach has been announced by Q&A site Quora, affecting over 100 million registered users.

Quora said, in a statement emailed to members, that they are now investigating exactly how the breach occurred.

"We're still investigating the precise causes and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us".

Non-public content could have also been accessed, such as answer requests, downvotes, and direct messages.

US Secretary of Defense: Vladimir Putin is "slow learner"
However, Mattis said that he didn't think the threat from Russian Federation to American elections had increased. "Mr. Russian Federation has denied meddling.

The breach, which D'Angelo said was discovered Friday, compromised account information such as names, email addresses and encrypted passwords.

But don't worry, your identity probably won't be stolen because Quora doesn't collect sensitive personal information like credit card or social security numbers.

The breach did not affect questions and answers that were written anonymously.

Quora has started notifying users whose data has been compromised, and will log them out of the site "out of an abundance of caution". Quora also notified law enforcement.

While the passwords were hashed with a unique salt for each Quora user, d'Angelo advised those who had re-used credentials across multiple services to change them as best practice. Quora has been sending out emails to users explaining what happened and steps being taken, such as the fact that the users have been logged out of their accounts and their passwords invalidated. "We have already taken steps to ensure the situation is contained, and we are working to prevent this type of event from happening in the future". Quora's post said it will log out all affected users, and push a password reset.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER