Yet another company reveals that it has suffered a major data breach. Just last week, Marriott Hotel confirmed that a database hacking incident had compromised the personal information of as many as 500 million guests.
Now, Q&A website Quora also confirms that hackers were able to break into its system and steal the data of up to 100 million users. It may include sensitive information such as names, email addresses, and an encrypted version of their passwords. It gets worse: suppose a user imported data from another social network, including contacts or other crucial information, those likely were taken as well.
Private actions on the site may have been stolen alongside the above-mentioned items. Those include requests for answers, downvotes, and even direct messages. Meanwhile, content that was posted anonymously should remain anonymous, as Quora says it doesn't store identifiable information on such posts.
Quora Data Breach
A huge portion of the data accessed was already public on Quora, according to CEO Adam D'Angelo.
As of this time, the company is sending emails to users to inform them of the data breach. The company says it has also notified law enforcement and hired a digital forensics firm to investigate the breach, details of which right now are scarce. For now, Quora is only revealing that "a malicious third party" successfully acquired "unauthorized access to one of our systems." It discovered the breach on Friday, Nov. 30.
The mishap is certainly one of the biggest data breach incidents of 2018. At 100 million users affected, it also represents what's perhaps a big chunk of Quora's entire user base. In 2015, D'Angelo said the site had 200 million unique monthly visitors.
What Is Quora Doing About It?
Currently, Quora is doing everything it can to try and contain the situation, and to prevent another breach from potentially occurring.
"We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future," according to D'Angelo.
Massive data breaches are unfortunate, yet common occurrences in the landscape of tech, and they especially involve companies with troves upon troves of data at their disposal, such as Facebook, Yahoo, Google, and many others. Hackers strategically wait for a service to store data over the years before they steal them all in one go. So many pernicious things can be done with this data, such as selling them to advertisers.