Quora Breach Exposes Information of 100 Million Users

  /     /     /  
Publicated : 23/11/2024   Category : security


Quora Breach Exposes Information of 100 Million Users


The massive breach has exposed passwords for millions who didnt remember having a Quora account.



Quora, a website that provides answers to natural-language queries, announced that its membership database has been breached, exposing information for approximately 100 million individuals to criminals.
According to the companys disclosure, exposed information includes:
Account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users
Public content and actions, e.g. questions, answers, comments, and upvotes
Non-public content and actions, e.g. answer requests, downvotes, and direct messages
Quora told affected users that the risk of long-term harm is low because the company collects no payment or deeply personal information from any account holder. Judging from Twitter activity around the breach, one of the most surprising facts for many account holders was the fact that they have an account on Quora; many had apparently signed on to answer a single question, then forgotten that they had the account at all.
Ryan Wilk, vice president of customer success for NuData Security, a Mastercard company, said in response to the breach, Stolen information, such as names, email addresses and passwords, combined with other user data from other breaches and social media, builds a complete profile. Every hack has a snowball effect that far outlasts the initial breach.
For those affected by the breach, the disclosure of their information could have an impact that extends far beyond Quora itself. Ben Johnson, co-founder and CTO of Obsidian Security, said, The Quora breach is a powerful reminder about the perils of password reuse. Many of the compromised accounts belong to users who haven’t been active for years. Reusing the same password puts sensitive data across all accounts at risk if a single breach occurs — even if it’s a service they haven’t used in years.
Among the facts not yet known is how regulators in the US and Europe will view the breach. The financial impact could be considerable, as Chris Olson, CEO of The Media Trust explains. Now that [the EU General Data Protection Regulation] is in force, California’s Consumer Privacy Act has been passed, and a new federal consumer privacy bill has been proposed that threatens to imprison CEOs for inaccurate or incomplete reporting on data processes, companies must get to know all their third parties and ensure those third parties activities fall within company policies for data security and privacy. Most third parties operate under the radar, posing known and unknown threats to companies top and bottom lines.
For more, read
here
and
here
.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Quora Breach Exposes Information of 100 Million Users