Quora, a question and answer platform that seems to have the answers to almost everything, doesn’t have an answer to how its domain got hacked and how the data of almost 100 million users was compromised.
The popular question & answer platform put out a blog post Tuesday morning stating that its website had been hacked and user information like names, email-addresses and hashed/encrypted passwords had been compromised. It is also believed that hackers made off with “data imported from linked networks when authorised by users.”
Since the breach, Quora has been sending a notification via email to all of its affected users stating that they discovered the hack on Friday, 30 November. It does not mention when the actual breach took place. The website also nullified their old passwords forcing users to create new ones.
There were also reports that public content such as questions, answers, comments including non-public content like answer requests and direct messages were also acquired by the hackers. Anonymous posts were not affected by this breach as there was no data to be stolen from there anyway.
Quora is one of the largest websites in the world with over 700 million visits per month which can give you a rough idea of the scale of breach that might have happened.
We have discovered that some user data was compromised by unauthorized access to our systems. We’ve taken steps to ensure that the situation is contained and are notifying affected users. Protecting your information is our top priority. Read more here: https://t.co/uwbdMjoM1v— Quora (@Quora) December 3, 2018
The email from Quora also mentions that it has “retained a leading digital forensics and security firm to assist”them with the investigations.
Like many applications and websites today, Quora also allows users an option to log in with a Google or Facebook account, which may have been the “linked networks” that their blog is referring to. Seemingly, all the data linked with the aforementioned accounts could be at risk.
This breach has left a lot of Quora users perturbed as many of them took to Twitter to vent their frustration. Some are even concerned about the breach.
@Quora was hacked. And judging by the user base, it's at least gonna be a million. It's about time you stopped forcing us to sign up just to view the site. I didn't want to, but I was forced to. And now, my data is compromises. Impressive! pic.twitter.com/mBP2mbXUwS— Harsh Chaturvedi (@Flam3Sm0k3) December 4, 2018
Quora has been hacked and it needs to make things right with users. My suggestion: begin hosting as much porn as users can upload https://t.co/Tbh1rgWF6a— Casey Newton (@CaseyNewton) December 4, 2018
I got an email about Quora being hacked. I changed my password (as they required me to, good!), and promptly deleted my account. Not really sure why I ever made one in the first place…— Brian Mitchell (@BrianMitchL) December 4, 2018
That said, there is a sigh of relief from many as no financial data is linked to the website. Quora has also acted swiftly and responded to this breach by logging out all of its users thereby forcing them to log in again with fresh passwords.
Since many of the passwords and sensitive user data linked to other accounts has been hacked it is advisable that Quora users immediately change their Facebook and Google passwords just to be on the safe side.
. Read more on Tech News by The Quint.RSS & BJP’s Nehru-Netaji ‘Cosplay’: Irony Dies a Thousand DeathsBulandshahr Violence: UP Min Rajbhar Blames VHP, RSS & Bajrang Dal . Read more on Tech News by The Quint.