Are you a Quora user?

If so, you're certainly not alone. It is the internet's most popular question-and-answer website, which makes it a unique property in the social media ecosystem.  Unfortunately, the site recently suffered a massive data breach that exposed the personal information of about one hundred million of the site's users.

The Quora team formally announced the breach on Monday, December 10th, 2018. They discovered the previous Friday that an "unauthorized third party" gained access to one of its core systems and stole user data on approximately half the site's users, which amounts to about a hundred million users.

According to Quora, the leaked data included

  • Username
  • Real name (if different)
  • Email address
  • Passwords
  • Any data that may have been imported from social networks linked to Quroa
  • Non-public actions, including request, downvotes, and private messages sent to other Quora users

A few things to note about the above:  First, although passwords were stolen, they were hashed, which means that the hackers won't be able to immediately crack them.  Of course, they eventually could, but the process will take time.

Second, social network data was only compromised for users who employ the "Facebook" or other social media sign-in option.

According to the company:

"We're still investigating the precise causes, and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us.  We have also notified law enforcement authorities."

Our perspective

The long and the short of it is that if you use Quora, there's at least a 50/50 chance your password and other data were compromised.  To be safe, change your password immediately.


The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Denis S Wilson

I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller healthcare practices, clinics, insurance companies, law firms, and construction companies in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance.

I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs through business and professional associations.

Contact me if you would like me to speak at your meeting.

Meanwhile, check out this report

Executive Report: 10 Hidden IT Risks That Might Threaten Your Business