Cyber Incident Victim: Quora
Date:
Nov 2018
Location:
United States of America
Summary
Quora experienced a security breach where an unauthorized third party accessed systems, compromising data of approximately 100 million users. The company detected malicious activity and responded by engaging forensic experts and notifying law enforcement. Exposed information included account details such as names, email addresses, and encrypted passwords, along with both public contributions like questions and answers, and non-public interactions including direct messages and downvotes. The breach prompted immediate containment efforts and user notifications, though the specific method of intrusion remained unidentified. Protecting user information was emphasized as a critical priority moving forward.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 30, 2018, Quora detected unauthorized access to one of its systems by a malicious third party, compromising the data of approximately 100 million users. The company initiated an investigation involving digital forensic experts and notified law enforcement authorities. The breach exposed account information including names, email addresses, encrypted passwords, and data imported from linked networks authorized by users. Public content such as questions, answers, comments, and upvotes were compromised, along with non-public user actions including answer requests, downvotes, and direct messages. Quora confirmed the incident was contained but did not disclose the specific intrusion method or attacker identity.
The company began emailing affected users on December 3, 2018, with notifications mirroring their public security update. These communications reiterated the exposure scope but provided no additional technical details about the breach. While passwords were encrypted, Quora advised vigilance for credential reuse across other platforms due to potential secondary attacks. The incident impacted both publicly visible content and private user interactions, though no evidence of data misuse was confirmed at disclosure. Quora emphasized ongoing efforts to enhance security measures and prevent future breaches while maintaining user trust as a priority.