The hacking scourge continues. Quora, a widely used question-and-answer website, announced late Monday that a “malicious third party” had compromised the account information of 100 million users.
Names, email addresses and encrypted passwords were among the compromised information, Quora chief executive Adam D’Angelo said in a blog post about the security breach, as well as personal activity on the website and “data imported from linked networks,” such as Facebook and Twitter.
The announcement comes just days after Marriott International revealed that hackers had accessed the reservation system of subsidiary Starwood for four years, stealing sensitive personal information from up to 500 million guests — home addresses, birth dates, email addresses, phone numbers, flight information and passport numbers — that could pose threats of identity fraud and national security.
While the information affected by Quora’s breach is less extensive, it raises further questions about whether companies are up to the task of safeguarding the personal information they collect from users.
“It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility,” D’Angelo said. “There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private.”
Quora did not disclose any information about who the intruders might be or how they gained access to its system. The company said it discovered the data breach on Friday, but Quora did not say when the attackers first broke into its system or how long they had access to the user information.
Quora referred The Washington Post to the blog post when asked for further details about the data breach.
The company said it is investigating the cause of the breach, adding that it has hired a security firm to investigate the hack and has notified law enforcement.