The question and answer community Quora confirmed today that up to 100 million accounts of users were compromised in a data breach.
It noticed on Friday that "some user data was compromised by a third party who gained unauthorized access" to a company system.
The company's investigation is still ongoing; Quora hired a digital forensics and security firm, and notified law enforcement officials.
Quora notes that the following data may have been compromised for "approximately 100 million Quora users":
The company is in the process of informing affected users about the breach. Users affected by the breach should receive an email with information. The email is an exact copy of the post on the Quora website.
Quora made the decision to log out all Quora users who might have been affected by the breach. Passwords used by affected accounts will be invalidated.
Quora users whose passwords were invalidated are asked to reset the password the next time they try to sign in to the service. An email with password reset instructions is sent to the registered email account in that case.
Quora suggests that users change passwords of accounts that they use on other sites if the same password was used there as well. The attackers could try email and password on popular sites after decrypting the passwords.
Affected users should pay attention to emails that they receive. Name and email address may be used to create phishing emails or other types of unwanted emails. You can find out if your email address has been sold here.
Quora makes it difficult to browse questions and answers without account. Users of the content blocker uBlock Origin may use it to access Quora content without account.
There are not many popular sites or companies left that have not experienced a data breach yet. Users should make sure that they use unique strong passwords for each service that they sign up for. Password managers like KeePass or Bitwarden and email providers and services that support aliases or multiple unique email addresses help with that.
Now You: Have you been affected by breaches in the past?Advertisement
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.