back to article Yet another mega-leak: 100 million Quora accounts compromised by system invaders

Someone's taken a wander through the systems of question-and-answer website Quora, pilfering account details of 100 million users. The organisation announced on Monday this week: “On Friday we discovered that some user data was compromised by a third party who gained unauthorized access to one of our systems.” It said it has …

  1. chivo243 Silver badge

    Quora?

    I just started to get email from this site. I don't recall signing up. It's deleted now!

    1. illiad

      Re: Quora?

      It looks like qu*ra will search your PC for any cookies set by sites like FB, GM**L, etc...

      get a good cookie manager!

  2. David Gosnell

    I tried to cancel my membership a while back...

    ...due to their underhand pushing of mobile users to their app, and today got emailed about this. I'm sure the risk is theoretical, but, y'know.

    1. chivo243 Silver badge

      Re: I tried to cancel my membership a while back...

      @David Gosnell

      Haish Elementary? DHS? ring any bells? I knew a David Gosnell loooong ago.

      1. David Gosnell

        Re: I tried to cancel my membership a while back...

        Nah, not me I'm afraid.

  3. Graham 2

    A silverish lining

    It's nice to see:

    1. A timely report of a potential breach

    2. The passwords were encrypted

    3. A company acting proactively.

    If only some/many/all the others would take note.

    1. Pascal Monett Silver badge

      Re: A silverish lining

      Yes, you're right on all counts.

      Unfortunately, we also see that those damn icons (Twitter, FaceBook, LinkedIn et al) are not only a tool being used to track us, but also a tool for miscreants that can use such links to reverse-engineer your accounts when breaching a seemingly unrelated one.

      This whole rigmarole is getting too complicated. Maybe if we slap a dash of "AI" it'd help ? Nah.

  4. Anonymous Coward
    Anonymous Coward

    steps to contain the incident

    are as follows:

    1. issue a statement that the privacy and security of personal data are of utmost importance

    2. issue a half-apology. Maybe.

  5. Anonymous Coward
    Anonymous Coward

    Using facebook to log in to Quora

    I don't use Facebook, but isn't using Facebook to log in to a 3rd party site much worse than re-using a password?

    1. Nick Kew

      Re: Using facebook to log in to Quora

      In what sense "worse"?

      If being tracked bothers you, then yes, you're cooperating with them. But for basic security, using OpenID (which I presume underlies logging in with Facebook) beats creating Yet Another Username/Password any day. At least on a site that's less critical than the OpenID provider.

  6. cosmogoblin

    I'm banned from Quora. I signed up to post an answer to an astrophysics question that hadn't been answered; I spent about 2 hours fully researching and sourcing my answer, and got several words of thanks and a decent number of upvotes.

    But because I didn't use my real name, I was blocked. As a teacher with a (un)healthy does of paranoia, I never use my real name on public forums, just in case; I believe (and Quora disagrees) that whether what I write is worth reading depends on what I write, rather than whether I used a real-sounding name. I switched to better places like physics.stackexchange instead.

    I'm glad now - I feel quite vindicated!

    1. Jamie Jones Silver badge

      I deleted my Quora account after 2 of my posts had been deleted by them.

      I did have some quite detailed responses to technical queries and other stuff posted there, but I also strayed into non-techincal stuff.

      I read on a religious thread a man who said he was a devout Christian who was shocked when his son came out as gay, but after trying to understand, and get to know his sons partner, he realised he'd been a close-minded bigot, and now he gets on great with both of them, and his sons parter is like a son to him.

      I woman resonded "I'm like you.... My daughter came out as lesbian. I was truly sickened. It's deplorable, But she's my daughter, so I have to get along with her, even though she sickens me and is an evil sinner to the lord" [ words to that affect ]

      My reply contained a line, something like "No. You are not like him. He was put into a situation where he opened his mind, realised his bigotry and grew from it. You are just an evil and horrible person"

      That post was flagged and deleted for "insulting a quora member" - never mind the fact she'd just told everyone her daughter discusts her, and she finds her abhorrent.

      The second post was from someone who wrote a long fox-news style report about how muslims have taken over London.

      I gave a long detailed reply, including links to facts etc. but my post was deleted because somewhere along the line I called him a bigotted moron.

      So I deleted my account - be polite and civil etc.. yeah, i get that, but they are so over-pc, they end up protecting the real tossers. You can say something really horrible, but if someone calls you out on it, and they flag it, strike against you.

      It's why quora mainly consists of:

      1) Standard questions requiring a specific answer -- the sort of thing google can solve.

      2) Moronic trolling posts from fake ID's that don't care if they are banned.

      3) "Debate" that is so toned down, it's useless. No-one dare say anything that upsets anyone else - to the point where it totally stiffles discussion.

      1. Jez Burns

        I have yet to read a post anywhere where someone who is called an insulting name responds with "thank you for showing me the error of my ways - as a result of your reply I have looked deep within my soul and now realise I am a moron. Henceforth all my posts will be sparkling with enlightenment and reason".

        With acknowledgement of the fact that you get a good proportion of dickheads on any internet forum, there's nothing more tedious as a reader looking for specific information than having to wade through a massive food-fight to get to anything interesting. Quora will know this, and obviously want to avoid their website becoming 'youtube without the videos'. It's a public forum, and so is always going to be full of misinformation and prejudice. While an 'upvoting' system might not be a perfect way of dealing with this, combined with a level of their own policing (which given the volume of posts will have to be pretty simplistic and arbitrary), it's probably about as good as it's ever going to get.

        1. Jamie Jones Silver badge

          "I have yet to read a post anywhere where someone who is called an insulting name responds with "thank you for showing me the error of my ways - as a result of your reply I have looked deep within my soul and now realise I am a moron. Henceforth all my posts will be sparkling with enlightenment and reason".

          Yeah, fair point.

          I wasn't clear in my original post - whilst my 2 posts were deleted, the original (which were far more hateful) were allowed to remain. If they'd been deleted as well as mine, then fine. But as it is, someone can write something hateful, and you are unable to call them out on it. So, posts like that go unchallenged, which is far more destructive in my opinion.

  7. Notas Badoff

    Quora: Crack for the curious

    I had to arrest myself! No longer a 'user'...

  8. Pink Duck

    Deleted account

    Surprised to find I had used Google to authenticate with them at some point. Wouldn't let me delete the account until setting a password though. So I did, "deleteme", then deleted the account. All a bit late, but these breaches are far too many and frequent now that we may as well give up all hope of having anything not widely known about us any more. Like most incidents like this, I just black-list the service and never use it again.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like