Join NexChange - the professional
network for the financial services
industry - and receive a free one-
year subscription to Forbes
Quora Says About 100 Million Users Could Be Affected By Security Breach
.Quora said in an email to users and in a blog post by CEO Adam D’Angelo that about 100 million users may have been affected by a security breach that occurred on Nov. 30.
D’Angelo indicated that the investigation into the incident is still ongoing and the responsible party has yet to be identified. Its internal security team is working with a “leading digital forensics and security firm,” while law enforcement has also been notified of the breach.
“We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements,” he writes.
Here are the details of what was compromised, according to D’Angelo:
- Account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users
- Public content and actions, e.g. questions, answers, comments, upvotes
- Non-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)
D’Angelo added that the company is “logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords.”
In an FAQ posted about the incident for the Quora Partner Program, the company noted that its “payments provider Stripe has confirmed that no financial information was compromised, and they have reset all access tokens for users with Stripe accounts as an extra precaution.”
If you have a Quora account, you can find mire information about what to do here.
Photo: Getty iStock