‘Malicious’ Quora Data Breach Compromises 100 Million Users
More than 100 million user records have been stolen in a hack of the question-and-answer site Quora.
According to a blog post by Quora co-founder and CEO Adam D’Angelo, the San Francisco-based company, which has raised more than $220 million USD in funding since its inception in 2009, said “some user data” was compromised following “unauthorized access to one of our systems by a malicious third party.”
The information taken by the hackers includes usernames and encrypted password data as well as content from the site, including public and private activities. Attackers potentially know what questions you’ve asked, what answers you’ve given, upvotes and downvotes, answer requests and direct messages.
“The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious,” reads the post.
The issue was first discovered on Friday, and the company is still looking into exactly what happened, giving all the usual reassurances that security is a top priority. Quora also says it has spotted the root of the problem and will take steps to address it.
“We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing, and we’ll continue to make security improvements,” the post stated. “We will continue to work both internally and with our outside experts to gain a full understanding of what happened and take any further action as needed.”
“It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility,” added D’Angelo.
The statement echoes that of Arne Sorenson, Marriott’s President and Chief Executive Officer, who apologized after the hotel chain revealed 500 million of its customers had been affected by hackers who had long been able to infiltrate its reservation database.