The San Francisco-based company Quora which disclosed that a ‘Security Update’ left as many as 100 million people affected.
In an official blog post, the company stated that account information, including names, email addresses, encrypted passwords, data imported from linked networks, user questions and answers, direct messages, etc, might have been compromised during the breach.
The breach, discovered on Friday, did not affect question and answers that are written anonymously, the company said, adding that it has also notified law enforcement officials.
“We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements,” Quora CEO Adam D’Angelo said in the blog post.
The website is popular for sharing questions and answers by members, often anonymously, although the company said the identities of individuals who had answered questions anonymously.
Quora is letting affected users know via email if their accounts have been affected. Quora will also be providing relevant updates as and when they are available to affected users.
A notification for consumers about a breach of this scope of data about our use of a service through “unauthorized access“ to your systems “by a malicious third party” isn’t a “security update,” @quora https://t.co/UcZG3NA2Tw It’s a data breach. I appreciate the email, & but wow. pic.twitter.com/gMym1HIjN0
— Alex Howard (@digiphile) December 4, 2018
The website was founded in 2009 by D’Angelo and Charlie Cheever, two former Facebook employees.