Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Privacy The Internet

Quora Data Breach Exposes 100 Million Users' Personal Info (cbsnews.com) 40

schwit1 shares a report from CBS News: Information sharing website Quora has announced a data breach which has exposed "approximately 100 million users'" personal data. The company said in a statement released Monday that it discovered the "unauthorized access to one of our systems by a malicious third party," on Friday. Chief Executive Adam D'Angelo wrote in the blog post that Quora had alerted law enforcement authorities and was "working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future." D'Angelo said Quora was working to alert the affected users of the site, whose names, email addresses and encrypted passwords, and public content such as their questions, answers and comments, were exposed through the breach. Those users would be required to reset their passwords, D'Angelo said.
This discussion has been archived. No new comments can be posted.

Quora Data Breach Exposes 100 Million Users' Personal Info

Comments Filter:
  • by ZorinLynx ( 31751 ) on Tuesday December 04, 2018 @05:47PM (#57749992) Homepage

    Even if you're not going to contribute anything, you're forced to create an account to keep browsing. I wonder how many of those 100 million accounts are throwaways used to browse the site. I know mine is!

    Websites shouldn't force read-only users to create accounts. Not only is it annoying, but it wastes resources on your servers and now you have more accounts to potentially get hacked.

    • by mattyj ( 18900 )

      Except that they collect browsing habits/history that are attached to an email address, which is a saleable commodity.

      Probably cuts down on robots indexing their data and selling it or doing whatever with it, too.

      Annoying, I agree, but the evil empire has its reasons.

    • Why create a throwaway login? Copy paste the text into google searcgh box and you click on the google link.
    • Perfect use-case for SQRL.
    • I think Quora was created by a former Facebook employee. It's not worth creating an account. It's just another Yahoo Answers with hardly any useful content.
      • by dkman ( 863999 )

        Thank you for answering my question, "What is Quora and why would they have my information?"

  • I hope not. That implies they're not one-way hashed and if they've stolen the encryption key too, they can obtain the actual password.
    That would be an amature security mistake on Quora's part.

    • by mattyj ( 18900 )

      I'd posit that a mistake that's already exposed that much data, undetected until now, is an amateur security mistake. If they get the data and the key, that's more like infantile.

    • by Dunbal ( 464142 ) *

      That implies they're not one-way hashed

      _strrev() is an awesome password "hashing" function!

    • It's possible that the term "encrypted" is being used loosely to encompass the process of salting and hashing passwords.

      For users, the problem is that it's hard to know whether any particular site is using good security practices to keep data secure. I use is a password manager (mSecure) that runs locally on my phone, and generate unique random passwords for each site. That way, a breach like this wouldn't allow my data to be compromised on other sites, where I might have reused the password. I don't upl

    • Well, seeing how reliable their service is (not very), this wouldn't surprise me.
  • by BringsApples ( 3418089 ) on Tuesday December 04, 2018 @05:51PM (#57750012)
    So many data breaches lately, makes me wonder if eventually everyone's data will be worthless. And then what??? Most of the propellant of today's society has to do with gathering personal data. If personal data turns out to be worthless, we're talking a shit-storm of problems for a society that's built around it.
    • I personally *try* to make sure my data is worthless. I mean, they know I like math and science questions, but that's hardly news. I lie about nearly everything personal they ask me; I just make sure my age is over 18. I use a shitty password because I couldn't care less if they crack it and use it to log onto some other shitty site where I have a forum account or something. Personal questions? I tell them that I grew up on Dingleberry street, and my first pet was named "flame retardant banana". (Note: I ma

    • If personal data turns out to be worthless, we're talking a shit-storm of problems for a society that's built around it.

      TULIPS! Get your freshly harvested tulip bulbs here! Tulips! Only one per house, that's the price!

      Link [investopedia.com] (How Much: at the peak of the market, a person could trade a single tulip for an entire estate, and, at the bottom, one tulip was the price of a common onion.)

    • by Anonymous Coward

      The data breaches are the largely the flip-side of hiring cheap developers. What goes around comes around etc.

  • Well... (Score:5, Funny)

    by The Grim Reefer ( 1162755 ) on Tuesday December 04, 2018 @06:47PM (#57750262)

    Information sharing website Quora has announced a data breach

    TFS says it's an information sharing site.

  • ... How to guard against hackers.
  • by account_deleted ( 4530225 ) on Tuesday December 04, 2018 @09:19PM (#57750842)
    Comment removed based on user account deletion
  • When I want highly questionable answers from completely unknown sources, quora.com is my go-to place!

You know you've landed gear-up when it takes full power to taxi.

Working...