A million users have been affected by a security incident on the question-and-answer site
Users are demanding an explanation from Quora after the question-and-answer website announced on Monday that a security incident had compromised the information of a million contributors to its platform.
Quora, keeping on brand, was quick to notify those affected by the breach, which was first discovered on Friday “as a result of unauthorized access to one of our systems by a malicious third party”, the company said.
The intrusion exposed personal details including name, email address, hashed passwords, and any imported data from linked social media accounts.
User activity – questions, answers, upvotes, and downvotes – was also likely impacted, but most of this information would have been publicly accessible anyway.
Releasing a statement late on Monday, Quora said: “We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements.”
The knowledge platform, valued at $1.8 billion in its latest funding round, will force a password reset for of all those affected. The company said it will provide further details as and when they are available.
Quora reiterated that no credit cards or government issued identification was taken, as it does not collect this information, and identities of users that post anonymously have not been exposed since these details are not stored.
How the company shares data with third-parties has been another area of concern, with rumours of unethical practices surging in the wake of the Facebook-Cambridge Analaytica scandal.
Quora, started by former Facebook employees Adam D’Angelo and Charlie Cheever, reported 200 million monthly users to its site in 2017.
The Daily Swig has reached out to the company for comment.