Quora, the popular question-and-answer website, is the latest entity to be affected by a massive data breach. This time, it is estimated that 100 million people could be affected.
Adam D’Angelo, CEO of Quora, released a blog post that explained user account information (like email addresses and user names) as well as encrypted passwords and other data were accessed by the hackers. Additionally, he wrote that comments, public questions-and-answers and even direct messages could have been accessed.
D’Angelo stated that Quora is working quickly to get more information on the breach and that it is taking important steps to ensure that it prevents a breach from happening again.
Quora is a privately held company based in California. Users of the site can ask questions about almost anything, and other users answer these questions. The company claims that it has more than 300 million unique visitors per month. Although this data breach is not as devastating as others, such as the other recent breach announced by Marriott International, it is still concerning. The Marriott breach went on for several years, and more than 500 million people were affected. For about 327million, their passport numbers, birth dates and more were accessed.
The Quora breach was not as serious. The biggest concern for people affected by this breach is the possibility of falling for a phishing scam. Basically, these scams work by tricking people into clicking email links that allow the scammer to get personal info or installing malware onto the victim’s computer. This could be significant, however, as some of the data has come from networks like Facebook, which users can connect to their Quora accounts.
This is a really good reminder to anyone with social media accounts, or other online accounts, to consider a throwaway email account. This is an account that is neither connected to work nor your primary email account. This way, if it gets hacked, you can simply delete it.
To add some insult to injury, Quora also just announced that a “malicious third party”has accessed one of its systems. The company is currently investigating the issue, and it’s working with a security firm to get to the bottom of it. Quora is also in the process of notifying any users who might have been affected by this breach. They are also logging these people out of the site and forcing them to change their passwords.
Last thing: I’m a fan of Quora, and yes, this breach sucks, but it’s less sucky than others. Feel free to ask me a question on my Quora.