Question-and-answer site says names, email addresses, and encrypted passwords were exposed.
Quora Data Breach:- Quora said today that a security breach could have endangered the data of around 100 million users. In an email sent to users yesterday and in a blog post from CEO Adam D’Angelo, the company said a “malicious third party” had unauthorized access to Quora systems on Friday. Their internal security teams and a “company specializing in forensics and digital security” are investigating this violation. Law enforcement officials were also informed.
The company believes that it has identified the cause of the data breach and has taken steps to resolve the problem, even though our investigations are continuing and we will continue to improve security. Violation because the identity of people who create anonymous posts is not recorded.
Currently, the company is notifying the users whose data has been compromised and disconnects all Quora users who may be affected for security reasons. If you have used one, your passwords will be invalid. Here is a frequently asked question about the violation.
According to Quora, the following user data may have been breached:
- User Account and user information, e.g. Name, Username, user email, IP, user ID, encrypted password, user account settings, personalization data
- Public actions and content including drafts, e.g. questions, answers, comments, blog posts, upvotes
- Data imported from linked networks when authorized by you, e.g. contacts, demographic information, interests, access tokens (now invalidated)
- Non-public actions, e.g. answer requests, downvotes, thanks
- Non-public content, e.g. direct messages, suggested edits
In another article about its help center, Quora said, “It is convinced that no financial information from members has been compromised.” Some access tokens associated with Stripe, the company’s payment processing service, have been “temporarily compromised”. Quora has, however, confirmed that since the incident no access token has been used and no financial information has been breached.
All users with a Stripe account have also reset their access tokens. “We are confident that no personal financial information accessed via Stripe has been compromised and no personal financial information is currently vulnerable,” Quora said.