Quora discovers data breach that may affect 100M users

Question-and-answer site says names, email addresses and encrypted passwords were exposed.

Getty Images

A data breach may have exposed the personal information of about 100 million Quora users, the question-and-answer website said Monday.

"We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party," Quora Chief Executive Adam D'Angelo wrote in a blog post Monday. "We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future."

The breach, which D'Angelo said was discovered Friday, compromised account information such as names, email addresses and encrypted passwords. Other information exposed included public content such as questions, answers and comments, as well as nonpublic content such as downvotes and direct messages.

D'Angelo said the company is notifying users who may have been affected by the breach and invalidating their account password as a precaution. Quora also said it's retained a digital forensics team to investigate the breach and notified law enforcement officials.

"We believe we've identified the root cause and taken steps to address the issue, although our investigation is ongoing and we'll continue to make security improvements," D'Angelo wrote.

CNET's Holiday Gift Guide: The place to find the best tech gifts for 2018.

Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.