The question and answer community Quora confirmed today that up to 100 million accounts of users were compromised in a data breach.
It noticed on Friday that "some user data was compromised by a third party who gained unauthorized access" to a company system.
The company's investigation is still ongoing; Quora hired a digital forensics and security firm, and notified law enforcement officials.
Quora notes that the following data may have been compromised for "approximately 100 million Quora users":
The company is in the process of informing affected users about the breach. Users affected by the breach should receive an email with information. The email is an exact copy of the post on the Quora website.
Quora made the decision to log out all Quora users who might have been affected by the breach. Passwords used by affected accounts will be invalidated.
Quora users whose passwords were invalidated are asked to reset the password the next time they try to sign in to the service. An email with password reset instructions is sent to the registered email account in that case.
Quora suggests that users change passwords of accounts that they use on other sites if the same password was used there as well. The attackers could try email and password on popular sites after decrypting the passwords.
Affected users should pay attention to emails that they receive. Name and email address may be used to create phishing emails or other types of unwanted emails. You can find out if your email address has been sold here.
Quora makes it difficult to browse questions and answers without account. Users of the content blocker uBlock Origin may use it to access Quora content without account.
There are not many popular sites or companies left that have not experienced a data breach yet. Users should make sure that they use unique strong passwords for each service that they sign up for. Password managers like KeePass or Bitwarden and email providers and services that support aliases or multiple unique email addresses help with that.
Now You: Have you been affected by breaches in the past?
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
Unless there are real consequences for the company top-brass when these incidents occur, such as life in prison, total forfeiture of net assets, company shut down, we can expect them to continue unabated in to the future.
This is 1 reason why I dont post to large sites That require a sign up.
Its a shame really even I have something to contribute occassionally.
:)
The worse thing is that I needed an answer on Quora and they forced me to finally get an account to see it. And then it is hacked. Right.
No need for account, you can use adblock to view the answers
When I used adblock, it removed the scrolling window. I knew I was doing something wrong, but needed the answer pronto.
Aww… how unusual, well done 3letter alphabetsoup guys! :)