Quora hacked, about 100 million user accounts leaked

By on
Quora hacked, about 100 million user accounts leaked

Chief executive apologises and promises transparency.

Popular question and answer forum Quora is the latest to own up to a mass hack that saw account information for around 100 million users being compromised.

Quora chief executive Adam d'Angelo, who founded the forum after leaving Facebook where he was the chief technology officer, said the account information taken includes names, email addresses, encrypted passwords and data imported from linked networks when users authorise these.

Users internet protocol (IP) addresses as recorded by Quora were also leaked.

While the passwords were hashed with a unique salt for each Quora user, d'Angelo advised those who had re-used credentials across multiple services to change them as best practice.

The hack was discovered over the weekend Australian time by Quora.

On top of account details, public content and actions on the site such comments and upvotes were also compromised. 

Also compromised was non-public content such as answer requests, downvotes and direct messages, d'Angelo said.

Quora has started notifying users whose data has been compromised, and will log them out of the site "out of an abundance of caution". 

Users who authenticated on Quora with passwords will have these invalidated as well, d'Angelo said.

d'Angelo apologised for the breach, and acknowledged that Quora had failed its users when it comes to keeping their data safe.

"It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility.

We recognise that in order to maintain user trust, we need to work very hard to make sure this does not happen again.

There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private," the Quora founder wrote.

Quora said it's highly unlikely that the hack will lead to identity theft as the site does not collect sensitive personal information such as credit card or social security numbers.

The forum believes it has identified the root cause that allowed the hack, and is working with law enforcement on the issue.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
privacy quora security
In Partnership With

Most Read Articles

CBA slammed by RBA for stalling New Payments Platform

CBA slammed by RBA for stalling New Payments Platform
TPG 'contemplates' future of sub-$60 NBN plans

TPG 'contemplates' future of sub-$60 NBN plans
Google tries to smash smishing in Messages

Google tries to smash smishing in Messages
NBN Co challenges Australia's $60 broadband 'sweet spot'

NBN Co challenges Australia's $60 broadband 'sweet spot'
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Are you getting profitable outcomes from your IT?
Are you getting profitable outcomes from your IT?
Your Microsoft Security journey starts here
Your Microsoft Security journey starts here
Is your AWS framework well-architected?
Is your AWS framework well-architected?
Why you should reassess your cybersecurity posture
Why you should reassess your cybersecurity posture
How will you manage the cloud data deluge?
How will you manage the cloud data deluge?

Events

Log In

Username / Email:
Password:
  |  Forgot your password?