Quora, a social media platform for asking questions, has suffered a data breach. 100 million user accounts have been compromised.
Data breaches seem to be getting bigger in size these days. Late last month, we saw the massive data breach of the United States Postal Service (USPS) which saw 60 million accounts compromised. At the time, we thought that was huge. Of course, few could have predicted the massive Marriott data breach which saw a stunning 500 million accounts compromised. By our calculation, the size of that ties with the third largest security incident ever.
Now, we are seeing yet another huge data breach. This time, it comes from the website Quora. An estimated 100 million accounts have been compromised. From Motherboard:
On Tuesday, the social media company announced hackers had stolen details on some 100 million accounts, including email addresses, hashed passwords, and non-public information, such as direct messages.
A hash is a cryptographic representation of data, meaning that a company doesn’t need to store your actual password, but a scrambled version of it. Potentially, this means hackers may have a harder time taking that data and actually logging into accounts.
“We will continue to work both internally and with our outside experts to gain a full understanding of what happened and take any further action as needed,” Quora’s announcement reads.
The stolen data also includes a lot of information that was already technically public, such as users’ questions, answers, comments, and upvotes, the announcement adds.
Perhaps the good news in all of this is that this breach alone doesn’t extend into people’s credit card information, dates of birth, and social security numbers. It’s pieces of information like that that allow identity thieves to take out credit cards in other peoples names. Still, that’s not to say the breach isn’t bad by any means. It just means that it could have been worse – especially considering the size of it.
Probably the best thing to do at this point is to change your password on that site. If you use the same username and password on other sites, then it would definitely be advisable that you change the passwords on those other sites as well.
In any event, those behind Quora are likely not having a good week right now. No one wants a security breach tied to the history of the website they look after. Once a leak or breach happens, the best that can be hoped for is that the damage can be mitigated as best as possible. From there, the hope is that the passage of time can mend most of the wounds and leave minimal scarring on the organizations reputation.
With so many major breaches this big, we can only hope that this is the last of it and not the start of a very long trend. After all, the leaks and breaches have been a pretty worrying thing as of late thanks to the unusual size.