Cathay Pacific, British Airways, Marriott, and of course Facebook are just a few of this year’s breaches. If you thought that you’d get a break until next year though, you are sorely mistaken: Today another breach was revealed – Quora.
Quora is a question-and-answer-website. That means that anyone can ask questions and give answers to questions that one knows the answer to – and if you are really lucky your question might even get answered by some prominent user like Obama, Stephen Fry, or Gillian Anderson. The page itself wants the user to either login with their Google or Facebook accounts (we know by now that the latter is a bad idea, right?), or create a new profile with his or her real name.
While this helps to give answers credibility it’s not so great anymore when the page gets hacked and data exposed and stolen. This is what happened now: According to Quora the data of 100 million users has been stolen.
For approximately 100 million Quora users, the following information may have been compromised:
While the last two points are really mostly only relevant for Quora itself – except perhaps the direct private messages – the name, mail addresses and passwords are what you definitely don’t want to get out.
As of now there is no information available on how Quora was breached. Affected users have been informed via mail and passwords were reset.
While the stolen passwords were encrypted it is still a lot safer to change your passwords if you were amongst the affected users and use the same password for several of your accounts. Here are a couple of tips you may want to follow:
If you have trouble coming up with a good, strong, and complex enough password you can always use a good Password Manager to help you out.