Maybe the question Quora really needs to answer is how someone was able to hack into its systems and gain access to the personal data of 100 million of its users.
The Mountain View-based question-and-answer site disclosed the breach late Monday, saying it discovered the incident Nov. 30. The attack included getting information on everything from individuals’ names, email addresses and user IDs to their encrypted passwords, account settings and content including questions, answers, comments, blog posts and upvotes that users posted on the site.
“We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future,” Quora co-founder Adam D’Angelo said in a blog post in which the company disclosed the hack. “We also want to be as transparent as possible without compromising our security systems or the steps we’re taking.”
The hack is especially large when the size of Quora’s user base is taken into account. In September, Quora disclosed that it had 300 million monthly users; at the same time, it raised $85 million in a round of funding that valued the company at approximately $1.8 billion.
D’Angelo added that the “overwhelming majority” of the content that was accessed was already public on Quora, but he added that the compromising of the site was “serious.”
“We’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements,” he wrote.
D’Angelo said that Quora has begun notifying users whose data was compromised, and that its users should consider changing their account passwords.
The Quora security breach comes just over two months since Facebook disclosed that 50 million of its users had their personal data compromised in a hacking attack on the social network’s security systems.
