Thursday, March 28, 2024

Quora hit by data breach affecting around 100 million users

Share

Quora has been targeted by hackers in a data breach affecting around 100 million of its users.

The Mountain View, California-based company that operates the question-and-answer website said on Monday that it recently discovered unauthorized access to its computer systems.

Data that “may have been compromised” includes account information such as name, email address, and encrypted (hashed) passwords. It also includes non-public content and actions, for example, answer requests, downvotes, and direct messages, though Quora says that only a “low percentage” of its users have ever sent or received such messages. Other stolen data may include records of public content and actions such as posted questions, answers, comments, and upvotes.

In a message on its website, the company was keen to point out that the “overwhelming majority of the content accessed was already public on Quora,” but it admitted that “the compromise of account and other private information is serious.”

It said it’s “working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future,” adding that it was sorry for any inconvenience caused.

Contacting affected users

Quora is in the process of emailing affected users with “relevant details,” though in the meantime, you can check out its specially setup help page with more information about the data breach.

It explained that while the stolen passwords shouldn’t be decipherable, as a precautionary measure, users should change the password of other online services if it’s the same one as their Quora account. “It is generally a best practice not to reuse the same password across multiple services,” the company noted.

As its investigation continues, Quora said it’s already taking steps to improve its security.

“Out of an abundance of caution, we are logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords,” it said.

The company believes it has identified the root cause of the breach and has already taken steps to address it, but added that “our investigation is ongoing and we’ll continue to make security improvements.”

“We need to work very hard to make sure this does not happen again,” Quora wrote in its post. “We are continuing to work very hard to remedy the situation, and we hope over time to prove that we are worthy of your trust.”

The troubling incident comes just days after hotel giant Marriott revealed a hack affecting as many as 500 million of its customers, and a week after computer company Dell said it spotted an effort by cybercriminals to access its servers, though it declined to say how many of its customers may have been affected.

Editors’ Recommendations

  • Marriott suffers breach of 500M guest records. Here’s how to protect yourself
  • Marriott suffers breach of 500M guest records. Here’s how to protect yourself
  • Marriott suffers breach of 500M guest records. Here’s how to protect yourself
  • Hack compromised data of up to 500M Starwood Preferred guests, Marriott says
  • Hackers target major airline in data breach affecting nearly 10M customers





Read more

More News