Around 100 million Quora user accounts have allegedly been compromised in a hacking incident the company discovered last Friday.
Quora, the question-and-answer website, announced late on Monday that as many as 100 million Quora user accounts were compromised by an unknown group of hackers infiltrating the site’s system. The company’s cybersecurity team only discovered the breach on Friday.
“On Friday we discovered that some user data was compromised by a third party who gained unauthorized access to our systems,” Quora said in an email sent to its users Monday evening.
“We’re still investigating the precise causes, and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us. We have also notified law enforcement officials.”
According to the company, the hackers gained access to the following information:
- Account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users.
- Public content and actions, e.g. questions, answers, comments, upvotes.
- Non-public content and actions, e.g. answer requests, downvotes, direct messages.
What to do With Your Quora User Account
Quora reported that they are still in the process of notifying all affected users to the breach. As an added precautionary measure, the company will reportedly log out all compromised accounts and invalidate their affected passwords.
While the company has not given out further information about the incident, they claimed to have already identified the root cause of the hacking incident and are taking the necessary steps to fix it.
Not all Quora user accounts were affected by the system breach, and the company will only notify those affected users via email. Quora also said that the compromised information would not likely result in identity theft. As a policy, the site does not usually collect sensitive personal information from its users.
The company also suggests that people with affected accounts should reset their passwords on other social media sites.
For more information about the breach, click here.