Tuesday, December 04, 2018

Quora has large data breach, but it is unlikely to harm many users

Quora, a site that poses questions which users can answer, has reported a hack of over 100 million users from authorized access that occurred Friday Nov. 30.

Motherboard Vice reports in a story here by Joseph Cox. 

CEO Adam D’Angelo, 34, has written an official statement here

The passwords stolen were encrypted, which should make it harder to misuse, especially with a huge number of them.  Site speakers who had used the same pw’s for other accounts should change these.

But the stolen email addresses may make phishing spam more frequent (and I’m wondering if somehow that accounts for the Apple spam I got last week).

When I went back into it this morning, it invited me to sign on with Facebook (which is probably also not the best security now, given what happened this year).

Most users are not likely to have placed other PII or non-public material on this site.

The site keeps track of subject matter preferences.  I see a lot of questions about USCF chess ratings. 
CERT has just reported several industrial espionage trojans which I’ll have to get back to later.

No comments: