Quora hacked, about 100 million user accounts leaked

By on
Quora hacked, about 100 million user accounts leaked

Chief executive apologises and promises transparency.

Popular question and answer forum Quora is the latest to own up to a mass hack that saw account information for around 100 million users being compromised.

Quora chief executive Adam d'Angelo, who founded the forum after leaving Facebook where he was the chief technology officer, said the account information taken includes names, email addresses, encrypted passwords and data imported from linked networks when users authorise these.

Users internet protocol (IP) addresses as recorded by Quora were also leaked.

While the passwords were hashed with a unique salt for each Quora user, d'Angelo advised those who had re-used credentials across multiple services to change them as best practice.

The hack was discovered over the weekend Australian time by Quora.

On top of account details, public content and actions on the site such comments and upvotes were also compromised. 

Also compromised was non-public content such as answer requests, downvotes and direct messages, d'Angelo said.

Quora has started notifying users whose data has been compromised, and will log them out of the site "out of an abundance of caution". 

Users who authenticated on Quora with passwords will have these invalidated as well, d'Angelo said.

d'Angelo apologised for the breach, and acknowledged that Quora had failed its users when it comes to keeping their data safe.

"It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility.

We recognise that in order to maintain user trust, we need to work very hard to make sure this does not happen again.

There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private," the Quora founder wrote.

Quora said it's highly unlikely that the hack will lead to identity theft as the site does not collect sensitive personal information such as credit card or social security numbers.

The forum believes it has identified the root cause that allowed the hack, and is working with law enforcement on the issue.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
privacy quora security

Sponsored Whitepapers

Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Technology skill development: The strategy for building better teams
Technology skill development: The strategy for building better teams

Events

Most Read Articles

Aussie Broadband makes late push for NBN high-speed upgraders

Aussie Broadband makes late push for NBN high-speed upgraders
Australian Covid-19 vaccine certificates come to digital wallets

Australian Covid-19 vaccine certificates come to digital wallets
Any Android security app is better than Google Play Protect

Any Android security app is better than Google Play Protect
Services Australia shifts most Centrelink payments to SAP S/4 HANA

Services Australia shifts most Centrelink payments to SAP S/4 HANA

Log In

Email:
Password:
  |  Forgot your password?