Which external websites contain Quora content

Hacker attack: 100 million user data (including content) stolen from Quora

The question-and-answer portal Quora was hacked. Data from 100 million users were captured. This corresponds to about half of the registered members of the portal. The incident was discovered last Friday. The investigations are still ongoing.

Which data are affected?

According to Quora, the hackers gained access to email addresses, usernames and encrypted passwords. Data imported by users of connected services was also compromised. (Non-) public content and actions (questions, answers, ratings, comments, direct messages) were also affected by the attack; but not anonymously written questions and answers. The company says it does not store the identity of people who publish such content.

Adam D’Angelo, CEO of Quora:

The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.

Quora responded to the incident with appropriate security measures. The sessions of the affected users were ended and their passwords reset. The company has also taken other unspecified measures to prevent unauthorized access to the servers in the future.

What should I do?

First you should check whether you are affected as a user of the website. So it's worth taking a look at your own inbox. Under certain circumstances, you belong to the part of those affected who have already been informed by Quora via email. Otherwise, Quora also has an EU data protection representative in accordance with Art. 27 GDPR, who is commissioned to serve as a contact point for all questions relating to processing to ensure compliance with the GDPR. It is also worth doing a short research on relevant websites such as “Have i been pwned?”. Further measures and tips can be found in our article: “User data stolen ?! What to do in an emergency ”.

In addition, it should be checked whether the Quora password has been used several times (which is generally not advisable) and for which accounts this must therefore still be changed. You will find help in choosing a new, secure password for Quora or other services in the article: "The perfect password". In addition, you should consider what information about you was disclosed by the data breach, what potential risks arise as a result and how you can minimize them.

One of the most massive hacker attacks

With data stolen from 100 million compromised accounts, the incident represents one of the largest hacker attacks to date. Only the break into the booking system of the Starwood hotel chain and the attack on Yahoo took on even greater proportions. At the Starwood hotel chain (subsidiary of the world's largest hotel group Marriott), strangers gained access to the reservation databases and were able to steal up to half a billion pieces of data; including some credit card information. However, the most massive hacker attack to date hit the company Yahoo in 2013, which affected three billion user accounts at the time.

The incidents of the recent past also show that data breaches can occur again and again in day-to-day business. Due to the statutory obligation (Art. 33, 34 GDPR) to report this, data breaches are now more often known to the general public. It is all the more important for companies of all sizes not only to deal with the topic of IT security in order to avoid data breaches, but also to work out a response plan to deal with data breaches in the event of an emergency.

Do you like the post? Then we look forward to a recommendation:

About the author

Mandy HrubeFull lawyer

Data protection concerns the whole of society and enables comprehensive insights into the structure of a company. This makes data protection an exciting and varied field of activity. more →

intersoft consulting services AG

As experts in data protection, IT security and IT forensics, we advise companies across Germany. Find out more about our range of services here:

IT security advice

Do you have any suggestions for topics or improvements? Contact us anonymously here.