It's all over the news, it even made the Wall Street Journal. I'm a quora participant myself and received the news directly in an email.
Quora said it discovered last week that hackers broke into its systems and were able to make off with data on up to 100 million users. That data could have included a user’s name, email address, and for some users an encrypted version of their password. If a user imported data from another social network, like their contacts or demographic information, that could have been taken too.
Some private actions on the site may have been taken as well. That includes requests for answers, downvotes, and direct messages. Content posted anonymously should remain anonymous.
“The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious,” Quora CEO Adam D’Angelo wrote in a blog post this evening.
The Verge wrote: "At 100 million users, this is a very substantial breach and one that likely represents a major portion of Quora’s registered users. In 2015, D’Angelo said the site received 200 million unique visitors each month, which likely comes primarily from search traffic.
D’Angelo says Quora is trying to “contain the incident” and prevent another breach from happening. “We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.”
That large data breaches like this are still happening is scandal. Just last week, a Marriott breach leaked personal info on up to 500 million guests; in September, a hacker gathered personal information from up to 29 million Facebook accounts. More at The Verge:
https://www.theverge.com/2018/12/3/18124849/quora-100-million-user-hack-name-email-messages
You have just GOT to step your users through new-school security awareness training, and make it mandatory.
Email Template
Find out how affordable new-school security awareness training is for your organization. Get a quote now.
