Quora discloses data breach affecting 100 million users: Details here
After Facebook, popular question-and-answer website Quora has suffered a mega data breach. The site has revealed that public and private information of up to 100 million Quora users has been accessed by hackers who broke into its systems. The company believes the issue has been fixed and is now working with law enforcement on investigating the matter. Here are all the details.
What information has been compromised?
Quora said up to 100 million users may have been affected by the breach, but some were impacted more than others. It has not given a definite figure but is sending out emails informing impacted users of the incident and what information of theirs has been compromised. This may include their emails, hashed passwords, and private information like direct messages, downvotes, and answer requests.
Even demographic information could be at risk
Apart from passwords and private messages, Quora said that contacts or demographic information uploaded by connecting to other social media services could have been compromised. It may also include publicly posted information, like answers and questions, but not those posted anonymously.
What are the risks of this breach?
As Quora said, the information compromised in the breach cannot be used for identity/financial theft, but there's still a risk of account hacks. For instance, you can be targeted by phishing attacks on your email or your information could be sold on dark web marketplaces in bulk as we saw in the case of Facebook. This could then be used for ad targeting.
So, what can you do?
Quora has not revealed the exact cause of this breach, but it is working with law enforcement and a digital forensics team to delve into the incident. As a precautionary step, it has logged out all users who may have been affected by the breach and invalidated their passwords. So, if you get Quora's email, open Quora and change your password.
Password resetting details
If your password is already invalidated, you'd be prompted to reset it. But if that's not the case, head over to the settings section and change the password. Also, it is recommended to not use the same password used on other services.