I got an e-mail last night from Quora that my personal information may have been stolen, so I feel like I am slightly ahead of the curve on this one. So Quora released a statement today that about 100 million users of the site may have been affected by a security breach involving a “malicious third party.” Account information, including names, e-mail addresses, encrypted passwords and other data may have been compromised as a result. Quora does not apparently collect credit card numbers or social security numbers. The company posted a very long FAQ on its site directed to the breach and apparently only learned about it a few days ago.
The encrypted passwords are probably the most potentially harmful issue for users – if the encryption on the passwords was minimal it could be easy to circumvent and then cross reference with other accounts that are linked to Quora. Thus, users may want to change their passwords, along with deleting their Quora account, as a precaution. Further, there may be a lot of people who don’t remember that they are in fact Quora users, particularly if they got onto the site using a Google or Facebook account and then never went back – and there are apparently a lot of those types of limited or one-time users on Quora. If you don’t remember, check your inbox and spam folder to see if you got an e-mail.