Privacy News Quora Hacked - 100 Million User's Data Exposed

CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Content source
https://www.bleepingcomputer.com/news/security/quora-hacked-100-million-users-data-exposed/
Quora announced tonight that one of their systems was hacked and has led to the exposure of approximately 100 million user's data to an unauthorized third-party.

Quora discovered this breach on Friday, November 30th, when saw that user's data was accessed by an unauthorized third-party. Quora stated that they then contacted law enforcement and hired a digital forensics and security consulting company to determine how this breach occurred and who may have conducted the attack.

"We recently became aware that some user data was compromised due to unauthorized access to our systems by a malicious third party," stated Quora's security update. "We have engaged leading digital forensic and security experts and launched an investigation, which is ongoing. We have notified law enforcement officials. We are notifying affected Quora users. We have already taken steps to ensure the situation is contained, and we are working to prevent this type of event from happening in the future. Protecting our users’ information and fostering an environment built on trust remains our top priority so that together we can continue to share and grow the world’s knowledge."


The data that was exposed for the 100 million users includes:
  • Account information (e.g. name, email address, encrypted password, data imported from linked networks when authorized by users)
  • Public content and actions (e.g. questions, answers, comments, upvotes)
  • Non-public content and actions (e.g. answer requests, downvotes, direct messages)
Click to expand...

It is not currently known how the attacker gained access to their systems. Quora has started emailing users who were impacted by this breach. These emails do not contain any further information than what was already given.

email-stro.jpg



BleepingComputer has contacted Quora for answers to further questions, but had not heard back at the time of this publication.

Securing your passwords at other sites

Quora is estimated to be the 95th largest site in the world with close to 700 million visits per month, so the amount of users affected is staggering. With that said, there is thankfully no financial information associated with the exposed user data. Instead users need to be concerned that their will be attempts to use their information to try to gain access at other sites that they have accounts.


Due to this, it is necessary for all users to change any passwords at other sites that use the same password as Quora. It is also strongly suggested that unique passwords are used at every site you visit in order to minimize the impact of a breach like this.
Click to expand...
 
  • Like
Reactions: vtqhtr413, aragornnnn, Black Wings and 14 others
E

Eddie Morra

I've been avoiding Quora's sign-up for years. I still view Quora, I just refuse to sign-up. My reasoning is simple... why would I sign up to a community I have no interest in posting on?

If you need to view Quora discussions but do not want to create an account and do not need to participate in those discussions, but are asked to sign-up with the silly enforced restricted sign-in/up pop-up, simply add a "?" character to the end of the URL and hit enter... and bobs you're uncle, you'll not be asked to sign-up to read the discussion.
 
  • Like
Reactions: Vasudev, codswollip, spaceoctopus and 8 others
CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Eddie Morra said:
I've been avoiding Quora's sign-up for years. I still view Quora, I just refuse to sign-up. My reasoning is simple... why would I sign up to a community I have no interest in posting on?

If you need to view Quora discussions but do not want to create an account and do not need to participate in those discussions, but are asked to sign-up with the silly enforced restricted sign-in/up pop-up, simply add a "?" character to the end of the URL and hit enter... and bobs you're uncle, you'll not be asked to sign-up to read the discussion.
Click to expand...

If you have Reddit account then no need to sign up on Quora you can read any subreddits without Sign up, my opinion Reddit is better then Quora...
 
  • Like
Reactions: Vasudev, spaceoctopus, Weebarra and 1 other person
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,228
A quick update for those who log in using Google accounts: By default, those who use Quora using Google accounts they don't ask you to create a password for Quora and that's why my data was hacked. I bet there's isn't anything useful apart from text based data mining and SEO.
 
  • Like
Reactions: ChemicalB, CyberTech and harlan4096
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Like
Freecycle confirms massive data breach impacting 7 million users
Replies
0
Views
612
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Wow
    • +Reputation
    • Sad
Security News American Express credit cards exposed in third-party data breach
Replies
1
Views
1,135
Security News
Dave Russo
Dave Russo
Gandalf_The_Grey
    • Like
    • +Reputation
Golf gear giant Callaway data breach exposes info of 1.1 million
Replies
0
Views
1,062
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top