Quora, a question and answer platform that seems to have the answers to almost everything, doesn’t have an answer to how its domain got hacked and how the data of almost 100 million users was compromised.
The popular question & answer platform put out a blog post Tuesday morning stating that its website had been hacked and user information like names, email-addresses and hashed/encrypted passwords had been compromised. It is also believed that hackers made off with “data imported from linked networks when authorised by users.”
Since the breach, Quora has been sending a notification via email to all of its affected users stating that they discovered the hack on Friday, 30 November. It does not mention when the actual breach took place. The website also nullified their old passwords forcing users to create new ones.
There were also reports that public content such as questions, answers, comments including non-public content like answer requests and direct messages were also acquired by the hackers. Anonymous posts were not affected by this breach as there was no data to be stolen from there anyway.
Quora is one of the largest websites in the world with over 700 million visits per month which can give you a rough idea of the scale of breach that might have happened.
The email from Quora also mentions that it has “retained a leading digital forensics and security firm to assist”them with the investigations.
Like many applications and websites today, Quora also allows users an option to log in with a Google or Facebook account, which may have been the “linked networks” that their blog is referring to. Seemingly, all the data linked with the aforementioned accounts could be at risk.
This breach has left a lot of Quora users perturbed as many of them took to Twitter to vent their frustration. Some are even concerned about the breach.
That said, there is a sigh of relief from many as no financial data is linked to the website. Quora has also acted swiftly and responded to this breach by logging out all of its users thereby forcing them to log in again with fresh passwords.
Since many of the passwords and sensitive user data linked to other accounts has been hacked it is advisable that Quora users immediately change their Facebook and Google passwords just to be on the safe side.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)