Founded in 2009 by former Facebook Chief Technology Officer Adam D’Angelo, Quora reported that the data of close to 100 million users was stolen in a data breach discovered on November 30.
D’Angelo, who is also the CEO of Quora, wrote in a blog post:
“We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future. We also want to be as transparent as possible without compromising our security systems or the steps we’re taking, and in this post, we’ll share what happened, what information was involved, what we’re doing, and what you can do. We’re very sorry for any concern or inconvenience this may cause.”
On November 30, it was discovered that user data had been compromised by a third party who gained unauthorized access to one Quora’s systems. The company is still investigating the precise causes and in addition to the work being conducted by the internal security teams, and have retained a leading digital forensics and security firm to assist us, along with notifying law enforcement officials. Steps have already been taken to contain the incident and to protect user data.
For approximately 100 million Quora users, the following information may have been compromised:
- Account information such as name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users.
- Public content and actions such as questions, answers, comments and up votes.
- Non-public content and actions such as answer requests, down votes, direct messages.
“It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility. We recognize that in order to maintain user trust, we need to work very hard to make sure this does not happen again. There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private. We are continuing to work very hard to remedy the situation, and we hope over time to prove that we are worthy of your trust,” D’Angelo wrote.