Quora data breach affected 100 million users globally, exposing names, email addresses and more


Quora has announced that some of its user data were compromised as a result of unauthorized access to one of our systems by a malicious third party. The company said that it is working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents from happening in the future.

Quora revealed that some of its user data were compromised by a third party who gained unauthorized access to one of the systems on November 30th. The company is working on locating the precise cause for the data compromise and has retained a leading digital forensics and security firm to assist it. It has also notified the law enforcement officials.

Over 100 million Quora users account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users, public content and actions, e.g. questions, answers, comments, upvotes, non-public content and actions, e.g. answer requests, downvotes, direct messages are being subjected to the compromise.

Questions and answers that were written anonymously are not affected by this breach as Quora does not store the identities of people who post anonymous content. The company is in the process of notifying users whose data has been compromised. It has logged out all Quora users who may have been affected, and, if they use a password as their authentication method, it is also invalidating their passwords. Additionally, the company is suggesting users change the password and not to reuse the same password.

Source