100 Million Quora Users Affected By ‘Malicious’ Data Breach

Just days after Marriott International disclosed a massive cybersecurity breach, Quora has announced that it too has been attacked by hackers. The popular question-and-answer website said Monday that a "malicious third party" may have lifted the account information of some 100 million users.

Company CEO Adam D'Angelo said that the company uncovered the hack Friday, and that the exposed user information ranged from email addresses and cryptographically protected passwords to private direct messages. It also includes data from other networks, such as Facebook and Twitter, that users can choose to link to their accounts

"Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content," D'Angelo explained in a blog post. "The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious."

He noted that Quora believes it has "identified the root cause," but that an investigation by an outside security firm is still ongoing. The company will be notifying affected users, he added, and "we have also notified law enforcement officials."

The news follows a string of high-profile cybersecurity breaches in recent years.

A massive hack in 2013 likely exposed the personal data of every person who had an account with Yahoo — for a grand total of some 3 billion user accounts.

And though that breach remains the largest ever disclosed, other massive incidents have followed. That includes a breach of Equifax that, according to the credit reporting agency, exposed the sensitive personal information of nearly 150 million people.

Just last week, Marriott revealed that it had learned of a hack affecting about 500 million of its customers worldwide. Attorneys general from several states have already launched investigations into the incident, which appears to have rendered details such as passport numbers vulnerable to third parties.

The breach revealed Monday by Quora stands at a smaller — if still massive — scale. But D'Angelo apologized "for any concern or inconvenience this may cause."

"There's little hope of sharing and growing the world's knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private," he said. "We are continuing to work very hard to remedy the situation, and we hope over time to prove that we are worthy of your trust."

Copyright 2018 NPR. To see more, visit https://www.npr.org.