Dec 4, 2018 102 Comments
TOP 102 Comments
- Salesforce mnbjytecEven with all the IITians they couldn't stop this breach ... shame
- I didn't know that India is a university? Lol. And why did the Illinois institute joke get flagged? Haha.
At sierra, we with with vendors and resellers and vars. Theyre ccnas from southeast Asia do braindumps to get certified yet need our Cisco sme's assistance in troubleshooting their Cisco gear. Even though we tell them all of the commands to run and in what sequence and why. All they know is conf t.
Otoh the Indian people who do come to the USA are accomplished and move up the ladder quite well and have manners and are generally well liked.
- Atleast they were upfront about it within a week. I respect that.
As a user I know that every platform can get hacked but it’s how u respond what matters the most.
- Amazon / ProductYoriDue to European law they are now required to tell users within the minimum possible time needed to get a the facts, ie a week. If they don’t, they can be fined millions. There would be no point in telling EU customers without telling everyone else, which may be the real driver of this.Dec 4, 201817
- Microsoft richardheaWhy would anyone have an account on Quora anyway? The site is idiotically annoying.
- Google CbvQ46Hopefully Blind doesn't store user-id to email address mapping. If it does and the data is leaked we are all fucked!
- Uber / Eng@w@moreI hate Quora. If I read an answer I get spammed to read other ones via email.
- Sprint lxCy58When I register on social media sites I use my first initial of my last name and a spammy email address. Luckily this hack is not going to affect me.
- Why thanks? It could have hurt so many people and put so many lives in danger for those who actually needed their anonymity! People have shared stories of abuse other extremely personal stuff.
- Facebook TrbujwdOh no your email address leaked. Big f*cking deal. What planet are you all on?
- Quit Quora a while back. People there always write these novels that start off with “I have a story...”. Just get to the damn point! Also the fonts on the app are ridiculously small and hard to read.
- I recently changed my droids font settings back from big to normal as I was having trouble reading some text and contact names that trail off the screen. This is a problem that blackberry solved awhile back. But I've only used Androids since then, so I'm not sure if other mobile OSes have solved this problem.
- Really? I guess you have to jailbreak to change to a custom fonts. At least, I see people all the time with those snazzy fonts that are hellish to read on an ios device. I mean, who are they trying to impress? It's just your eyesight, no one really needs that.
- Facebook #MAGA2020No one gives a flying fuck about Quora. It’s a failed site used by narcissist idiots to pump their ego. Mostly idiotic questions and useless answers. 90% of active user base is south Asians.
Deleted my account on it, installed Chrome extension (greasemonkey script) that hides it from Google Search results and added an entry in hosts to point it to localhost.
- Yelp / Eng@channelAt some point you made a calculated decision to trade your personal information for some features from the website. Breaches will unfortunately happen. Sometimes it’s caused by negligence, but often times companies do go above and beyond to try and do the right thing security-wise for their customers/employees/partners. Maybe just don’t use the internet if you’re worried about what might happen to your personal info?
- An important privacy principle is to not collect information that you don't need. Names aren't really needed to give answers. They've made this worse for themselves.
- Full post:
Quora Security Update
We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.
We also want to be as transparent as possible without compromising our security systems or the steps we're taking, and in this post we’ll share what happened, what information was involved, what we're doing, and what you can do.
We're very sorry for any concern or inconvenience this may cause.
On Friday we discovered that some user data was compromised by a third party who gained unauthorized access to one of our systems. We're still investigating the precise causes and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us. We have also notified law enforcement officials.
While the investigation is still ongoing, we have already taken steps to contain the incident, and our efforts to protect our users and prevent this type of incident from happening in the future are our top priority as a company.
What information was involved
For approximately 100 million Quora users, the following information may have been compromised:
Account information, e.g. name, email address, encrypted password (hashed using bcrypt with a salt that varies for each user), data imported from linked networks when authorized by usersPublic content and actions, e.g. questions, answers, comments, upvotesNon-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)
Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content.
The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.
What we are doing
While our investigation continues, we're taking additional steps to improve our security:
We’re in the process of notifying users whose data has been compromised.Out of an abundance of caution, we are logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords.We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements.
We will continue to work both internally and with our outside experts to gain a full understanding of what happened and take any further action as needed.
What you can do
We’ve included more detailed information about more specific questions you may have in our help center, which you can find here.
If you were affected, we will update you with relevant details via email.
While the passwords were encrypted (hashed using bcrypt with a salt that varies for each user), it is generally a best practice not to reuse the same password across multiple services, and we recommend that people change their passwords if they are doing so.
It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility. We recognize that in order to maintain user trust, we need to work very hard to make sure this does not happen again. There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private. We are continuing to work very hard to remedy the situation, and we hope over time to prove that we are worthy of your trust.