Sun, 05 Jul 2020

Major security breach at Quora, 100 million users compromise

By Sheetal Sukhija, Kazakhstan News.Net
06 Dec 2018, 03:51 GMT+10

CALIFORNIA, U.S. - The popular information sharing website Quora suffered a massive cyberattack, that compromised the personal data of 100 million users. 

According to the question-and-answer website, the hacking occurred due to an "unauthorized access" to its systems, and exposed details of several users.

In a statement confirming the hacking, Quora said that the names, email addresses, encrypted passwords and website activity of 100 million of its users had been compromised in the security breach. 

Confirming that the situation had now been contained, Quora released a security update in its question-and-answer format.

It said, "We recently became aware that some user data was compromised due to unauthorized access to our systems by a malicious third party. We have engaged leading digital forensic and security experts and launched an investigation, which is ongoing."

The company said that the breach had also compromised user data from social networks like Facebook and Twitter, if people chose to link them to their Quora accounts.

According to the website, hackers had obtained website users' activity details including their questions, answers, upvotes and downvotes. 

Quora CEO Adam D'Angelo also noted in a blog post, "The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious. We are in the process of notifying users whose data has been compromised."

The website also sought to reassure its users, claiming, "It is highly unlikely that the incident would lead to identity theft as we do not collect sensitive information like credit card or social security numbers."

Quota said that it had automatically logged out all of its users who might have been affected in the cyberattack, to prevent any further damage. 

The company said that question and answers that are written anonymously were not affected by the data breach.

After issuing the security update, the website reportedly asked its users to reset their password and said that all users would be prompted to do the same the next time they try to log in on Quora.

Further, users seeking to deactivate their account, could use the 'delete account' option on the website's settings section.

Quora noted in its statement, "We have retained a leading digital forensics and security firm to assist us. We believe we've identified the root cause and taken steps to address the issue, although our investigation is ongoing and we'll continue to make security improvements."

The website added that it had notified law enforcement officials.

More Central Asia News

Access More

Sign up for Kazakhstan News

a daily newsletter full of things to discuss over drinks.and the great thing is that it's on the house!