Quora, the question-and-answer site that bludgeons users into signing up, has been hit with a major data breach.
In a blog post titled "Quora Security Update," the site revealed that the data of approximately 100 million users may have been compromised as a result of unauthorised access to its systems on Friday.
"We're still investigating the precise causes and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us. We have also notified law enforcement officials," Quora co-founder and CEO Adam D'Angelo wrote in the blog post.
We have discovered that some user data was compromised by unauthorized access to our systems. We’ve taken steps to ensure that the situation is contained and are notifying affected users. Protecting your information is our top priority. Read more here: http://t.co/uwbdMjoM1v
— Quora (@Quora) December 3, 2018
The data includes account information, such as name, email address, password, and data imported from linked networks, as well as public content and actions, such as questions, answers, upvotes and comments.
Non-public content could have also been accessed, such as answer requests, downvotes, and direct messages. Quora claims that a low percentage of users have sent or received direct messages.
Quora added that the overwhelming majority of content accessed was already public on its site. Anonymously authored questions and answers were reportedly not affected by the breach, and the company said it doesn't store information from anonymous users.
The company will now notify users whose data has been compromised, and will invalidate passwords for users who use one to sign in.
In 2017, Quora served approximately 190 million unique visitors a month, and was valued at $1.8 billion following a funding round that same year.