Quora has announced that it discovered a breach on one of its systems last week. The incident reportedly affected 100 million users. Hackers were able to gather account information from registered Quora users, including their name, email address and hashed/encrypted passwords.
Users who want to know if they were hacked should check their emails to see if Quora informed them that they may have have been affected by the data breach. Users who received an email should change their passwords. The passwords that were possibly compromised by the the hackers were hashed/encrypted, but it’s still advised for users to change them regardless. This is also strongly recommended for users who reuse their passwords for other services.
For users who want to delete their Quora accounts, Forbes said that they can do so by going to their account privacy settings and selecting “Delete Account.” For users who registered to Quora through their Facebook or Google accounts, they will be required to change their passwords first before they are able to go through the deletion process.
Quora will only completely delete a user’s account along with all their data after 14 days. Users shouldn’t log in to their Quora account within the period, or else their account will be reactivated and they will have to go through the same process again to have it deleted.
A lot of users may have created an account on Quora without even noticing it. The service is linked to a lot of quizzes that are found on Facebook. If a user accessed a quiz on Facebook that’s directly linked to Quora, they may have inadvertently created a Quora account.
Users who are still unsure that they’ve created an account should go to Quora directly and see if they’re accounts are linked. To unlink a Facebook, Twitter or Google account from Quora, users should go to the settings and look for the “Connected Accounts” section of the page. There should be an option to unlink their accounts from the site there.
Quora has already initiated some precautions to improve its security, including notifying its users through email that their account information may have been compromised. The site is also logging out all of its users who may have been affected by the data breach. D’Angelo also said that they have already identified the root cause of this incident and they have already taken steps to address the issue.
“We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future,” Quora CEO Adam D’Angelo said in a blog post.
Quora discovered the breach on Nov. 30. Hackers were able to gather user data by gaining unauthorized access to one of the site’s systems. Quora is still investigating how this unauthorized third party was able to access one of its systems. The site said that its own internal security teams are investigating the situation, while “a leading digital forensics and security firm” is also present to assist.
Quora has already taken some steps to contain the incident and to protect its users. The user data that may have been compromised by this data breach include name, email address, encrypted passwords and data imported from linked networks. The site also warned its users that both their content and actions on the site, including private messages, may have also been compromised by the breach.
“Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content. The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious,” D’Angelo said.