Up to 100 million users of the question-and-answer website, Quora, may have had their personal data accessed by hackers, CNN Business reports.
Engineers at Quora first detected suspicious behaviour going on in the firm’s systems on Friday of last week, only to conclude that a “malicious third party” was hacking into IT infrastructures, CEO Adam D’Angelo stated in a blog post.
Beyond encrypted passwords, email addresses and user names being potentially compromised, social network information may also have been accessed if platforms such as Facebook or Twitter were linked to affected Quora accounts.
Member activity on the Quora website was also obtained, enabling the hackers to identify what users have up or down-voted. However, it is not believed that anonymously-created questions and answers were accessed in the attack.
“The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.
“We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.”
Quora has contacted affected users and has logged victims out of their accounts.
“We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements,” D’Angelo added.
The Quora website positions itself as a place where “you can ask questions you care about and get answers that are amazing.”
Questions that users publish can open threads that can give just one answer, or include extra comments to help supplement knowledge. People can ask what the best Star Wars film is, or which New York restaurant serves the best steak, and see how other users respond.
While the goal of creating a knowledge database to compete with Wikipedia may be ambitious, given Quora’s lack of global reach, the platform currently offers an easy-to-access community and opinion exchange that is successful, useful and fun to be a part of.
News of the breach will be damaging to Quora’s reputation, following a number cyber attacks that have hit big brands over 2018, a year that saw the introduction of the EU’s General Data Protection Regulation.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.