New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

100 Million Users Left Exposed in Quora Breach

Data breaches are becoming a daily thing as of late. A question and answer website being known as Quora have suffered one of the larger breaches we’ve seen this year. Data from 100 million registered users of the site has been stolen according to a statement from Quora early this morning. The breach was identified on the 30th of November with information such as names, emails addresses, hashed passwords, direct messages, specific details to users’ questions, answers, upvotes, and comments amongst other linked networks authorized by the user. When referring to linked networks, Quora allows for users to log on with their Facebook and Google+ accounts, although at this time they are unsure what linked network data has been stolen. As far as how and when hackers managed to gain access to the information is unknown at the time of writing this brief, however, the internal security department, as well as additional law enforcement officials, are working to. Identify the exact cause. Luckily enough, Quora does not collect social security numbers or financial information so we should not see any identity theft instances come out of this specific breach.

Analyst Notes

If users have a Quora account it is advised they change their password as soon as possible, and if they use the same password on other platforms they change that immediately as well. Users should be on the lookout for increased attempts at phishing campaigns amongst other email scams. Although financial information was not directly accessed in this breach if it is stored on an email account or other linked network it is safe to contact financial institutions as a heads up.