Date:04/12/18
The company believes it has identified the root cause of the breach and “taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements.” Quora also added that anonymous questions and answers were not affected by the breach because it does not store the identities of people who make anonymous postings.
The company is currently notifying users whose data was compromised and logging out all Quora users who may have been affected as a security precaution. It is also invalidating their passwords if they used one. A FAQ about the breach has been set up here.
- According to Quora, the following user data may have been accessed:
- Account and user information, e.g. name, email, IP, user ID, encrypted password, user account settings, personalization data
- Public actions and content including drafts, e.g. questions, answers, comments, blog posts, upvotes
- Data imported from linked networks when authorized by you, e.g. contacts, demographic information, interests, access tokens (now invalidated)
- Non-public actions, e.g. answer requests, downvotes, thanks
- Non-public content, e.g. direct messages, suggested edits
In another article on its help center, Quora said “it is confident that no partner’s financial information has been compromised.” Some access tokens associated with Stripe, the payment processing service used by the company, were “temporarily compromised,” but Quora confirmed with Stripe that no access tokens have been used since the incident and no financial information was breached.
All users with Stripe accounts have also had their access tokens reset. “We are confident that no personal financial information that was accessible through Stripe has been compromised. Furthermore, no personal financial information is currently vulnerable,” Quora said.
Quora says 100 million users may have been affected by data breach
Quora has said that a security breach may have compromised data from about 100 million users. In an email sent to users today and a blog post by CEO Adam D’Angelo, the company said a “malicious third party” gained unauthorized access to Quora’s systems on Friday. Its internal security teams and a “leading digital forensics and security form” are currently investigating the breach. Law enforcement officials have also been notified.The company believes it has identified the root cause of the breach and “taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements.” Quora also added that anonymous questions and answers were not affected by the breach because it does not store the identities of people who make anonymous postings.
The company is currently notifying users whose data was compromised and logging out all Quora users who may have been affected as a security precaution. It is also invalidating their passwords if they used one. A FAQ about the breach has been set up here.
- According to Quora, the following user data may have been accessed:
- Account and user information, e.g. name, email, IP, user ID, encrypted password, user account settings, personalization data
- Public actions and content including drafts, e.g. questions, answers, comments, blog posts, upvotes
- Data imported from linked networks when authorized by you, e.g. contacts, demographic information, interests, access tokens (now invalidated)
- Non-public actions, e.g. answer requests, downvotes, thanks
- Non-public content, e.g. direct messages, suggested edits
In another article on its help center, Quora said “it is confident that no partner’s financial information has been compromised.” Some access tokens associated with Stripe, the payment processing service used by the company, were “temporarily compromised,” but Quora confirmed with Stripe that no access tokens have been used since the incident and no financial information was breached.
All users with Stripe accounts have also had their access tokens reset. “We are confident that no personal financial information that was accessible through Stripe has been compromised. Furthermore, no personal financial information is currently vulnerable,” Quora said.
Views: 391
©ictnews.az. All rights reserved.Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate