A few days after the gigantic Marriott data breach incident which impacted 500 million guests if the International chain of Marriott Hotels, another data leak has taken place. This time, it’s the most popular Question and Answer portal, Quora. Quora is a California based website which was co-founded by the former Facebook employees Charlie Cheever and Adam D’Angelo in June 2009. Quora is a social media platform which offers its users to have debates, the conversation surrounding various lively topics of life, love, faith, politics, education, interests and much more. The firm recently reported a case of the data breach that ultimately compromised personal data of around 100 million users such as encrypted passwords, email address, username, IP address and so on. The data breach was found by Quora on 30 November when it discovered that some of the user data were compromised by a third party who acquired unauthorized access to one of its systems.
The Quora CEO Adam D’Angelo made a statement saying they are still investigating the cause of the breach with the help of their internal security teams. They have engaged a third party leading digital forensic and security company to assist in this situation. The law enforcement officials are also informed about it. Quora officials are working towards reaching the roots of the situation rapidly while taking appropriate steps to avoid such incidents in the future course of the firm. The kind of personal data that has been compromised include account information such as data imported from linked networks when authorized by users, hashed passwords, email address, and name. It includes public content and actions such as upvotes, comments, answers, questions and non-public content and actions such as direct messages, downvotes, and answer requests.
The website is now following the procedure of notifying the users whose data has been compromised via sending an email. All the users who seem to get affected by it are logged out of their accounts to prevent further damage, and they are canceling their passwords to terminate the reach to their accounts by a malicious third party. The FAQ page of Quora Security Update contains more detailed information about more questions and doubts. The company is trying to be as open and transparent as possible without compromising their internal security system. Quora is just another leading company which became the victim of data breach and but the good thing is that the firm is acknowledging the truth rather than hiding it from its users.