Quora, the widely used question-and-answer platform, has reported a significant data breach that may have compromised the personal information of approximately 100 million users. The breach, disclosed by the company on Monday, was discovered by their security team last Friday, who uncovered unauthorized access by a malicious actor to one of Quora’s systems.
The attack highlights vulnerabilities in Quora’s security infrastructure, with the intruder gaining potentially sensitive data that includes users’ names, email addresses, hashed passwords, and information imported from social networks such as Facebook and Twitter. This breach impacts nearly half of Quora’s total user base, raising considerable concerns about privacy and data integrity.
Adam D’Angelo, CEO and co-founder of Quora, outlined the types of information compromised, which encompasses both public content, including questions, answers, comments, and upvotes, as well as non-public content like private messages and answer requests. Notably, Quora employs salted and hashed passwords to enhance security; however, the company has logged all affected users out and mandated password resets as a precautionary measure.
In response to the breach, Quora has launched an ongoing investigation and has engaged a leading digital forensics firm to assist with the analysis. Law enforcement agencies have also been notified. D’Angelo emphasized the company’s commitment to identifying the breach’s causes and taking preventative steps to ensure future security.
The attack on Quora underscores a growing trend of high-profile data breaches in recent months. Just last week, Marriott International revealed a security incident that exposed personal information from up to half a billion guests, following a data compromise in its Starwood properties. Similarly, Facebook disclosed a breach affecting 30 million users due to a vulnerability in its “View As” feature.
For those concerned about the implications of this breach, Quora is reaching out to affected users via email and has provided a comprehensive FAQ page detailing the incident. Cybersecurity professionals should monitor developments closely to assess any potential risks associated with this data breach.
Given the context of recent cyber threats, this incident highlights potential tactics from the MITRE ATT&CK Matrix, including initial access methods such as exploiting vulnerabilities or utilizing social engineering techniques. The persistence of the attacker in maintaining access and possibly attempting privilege escalation further illustrates the sophisticated nature of this attack.
Businesses and individuals alike should remain vigilant in the wake of such breaches, assessing their own security protocols to mitigate risks associated with unauthorized data access.
