- Home
- News
- Articles+
- Aerospace
- Agriculture
- Alternate Dispute Resolution
- Banking and Finance
- Bankruptcy
- Book Review
- Bribery & Corruption
- Commercial Litigation
- Competition Law
- Conference Reports
- Consumer Products
- Contract
- Corporate Governance
- Corporate Law
- Covid-19
- Cryptocurrency
- Cybersecurity
- Data Protection
- Defence
- Digital Economy
- E-commerce
- Employment Law
- Energy and Natural Resources
- Entertainment and Sports Law
- Environmental Law
- FDI
- Food and Beverage
- Health Care
- IBC Diaries
- Insurance Law
- Intellectual Property
- International Law
- Know the Law
- Labour Laws
- Litigation
- Litigation Funding
- Manufacturing
- Mergers & Acquisitions
- NFTs
- Privacy
- Private Equity
- Project Finance
- Real Estate
- Risk and Compliance
- Technology Media and Telecom
- Tributes
- Zoom In
- Take On Board
- In Focus
- Law & Policy and Regulation
- IP & Tech Era
- Viewpoint
- Arbitration & Mediation
- Tax
- Student Corner
- ESG
- Gaming
- Inclusion & Diversity
- Law Firms
- In-House
- Rankings
- E-Magazine
- Legal Era TV
- Events
- News
- Articles
- Aerospace
- Agriculture
- Alternate Dispute Resolution
- Banking and Finance
- Bankruptcy
- Book Review
- Bribery & Corruption
- Commercial Litigation
- Competition Law
- Conference Reports
- Consumer Products
- Contract
- Corporate Governance
- Corporate Law
- Covid-19
- Cryptocurrency
- Cybersecurity
- Data Protection
- Defence
- Digital Economy
- E-commerce
- Employment Law
- Energy and Natural Resources
- Entertainment and Sports Law
- Environmental Law
- FDI
- Food and Beverage
- Health Care
- IBC Diaries
- Insurance Law
- Intellectual Property
- International Law
- Know the Law
- Labour Laws
- Litigation
- Litigation Funding
- Manufacturing
- Mergers & Acquisitions
- NFTs
- Privacy
- Private Equity
- Project Finance
- Real Estate
- Risk and Compliance
- Technology Media and Telecom
- Tributes
- Zoom In
- Take On Board
- In Focus
- Law & Policy and Regulation
- IP & Tech Era
- Viewpoint
- Arbitration & Mediation
- Tax
- Student Corner
- ESG
- Gaming
- Inclusion & Diversity
- Law Firms
- In-House
- Rankings
- E-Magazine
- Legal Era TV
- Events
On December 4, question-and-answer website “Quora” reported unauthorized access to one of its systems by a “malicious third party”, which compromised the personal data of nearly 100 million users.Quora’s CEO Adam D’Angelo said, “We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We...
ToRead the Full Story, Subscribe to
Access the exclusive LEGAL ERAStories,Editorial and Expert Opinion
On December 4, question-and-answer website “Quora” reported unauthorized access to one of its systems by a “malicious third party”, which compromised the personal data of nearly 100 million users.
Quora’s CEO Adam D’Angelo said, “We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.”
The data allegedly compromised includes: Account and user information (name, email, IP, user ID, encrypted password, user account settings, personalization data); Public actions and content, including drafts (questions, answers, comments, blog posts, upvotes); Data imported from linked networks when authorized by users (contacts, demographic information, interests, access tokens [now invalidated]); Non-public actions (answer requests, downvotes, thanks); and Non-public content (direct messages, suggested edits).
In this regard, in order to prevent any additional damage, Quora stated that it is now logging out all users who may have been affected, and if they use a password as their authentication method, Quora is invalidating their passwords.
D’Angelo said, "The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious... We are in the process of notifying users whose data has been compromised.”
According to Quora, the data breach did not affect questions and answers that are written anonymously because it does not store the identities of people who make anonymous postings. The firm has, however, informed the law enforcement officials of the issue. Quora added, “We have retained a leading digital forensics and security firm to assist us.”
Subsequently, D'Angelo said, "We believe we've identified the root cause and taken steps to address the issue, although our investigation is ongoing and we'll continue to make security improvements."