Today’s large data breach has been introduced by means of Q&A web site Quora, affecting over 100 million registered users. What did the “unauthorized third party” get? According to CEO Adam D’Angelo:
Account data, e.g. title, e-mail deal with, encrypted (hashed) password, data imported from related networks when approved by means of users
Public content material and movements, e.g. questions, solutions, feedback, upvotes
Non-public content material and movements, e.g. resolution requests, downvotes, direct messages (observe low proportion of Quora users have despatched or won such messages)
Quora discovered the breach on November 30th and mentioned it’s nonetheless investigating. It has logged all users out, and forcing all accounts with a password to reset that password. It additionally mentioned that the password data was once salted and hashed to forestall attackers from the usage of it, however to be wary, users must additionally reset passwords on their different accounts in the event that they shared the similar one. There are emails going out notifying users of the breach, however at the moment the entire data to be had is arranged on this FAQ.