You can do this by visiting settings if not prompted to do so when trying to log in. That said, you should still reset your password as a matter of course whether Quora has invalidated it or not in my never humble opinion. This confirms that all 100 million impacted users will be notified by email, so if you don't get one then you are likely OK. So, where does this leave you as a concerned Quora user? First and foremost there is an official Quora question and answer session, oh the irony, that can be found here. Although Quora is not making any public statements with further detail at this point in time, it does say that it has "identified the root cause" of the breach and has "taken steps to address the issue." As for the steps being taken, these include the disclosure notification that has already started hitting inboxes around the world and a forced password reset for all users, who will also have been logged out of the system now. Law enforcement has, of course, also been informed.
I am led to understand that the investigation is being carried out by the internal Quora security team as well as a third party digital forensics company. The disclosure email contains the usual, and frankly by this point pretty meaningless, apologies for any "concern or inconvenience this may cause" as well as the promises that everyone is working hard to investigate and take steps to prevent it happening again. It's worth noting that the passwords that have been compromised were encrypted and hashed with a salt that will vary from user to user. If you are a Quora user who contributed to the systems anonymously then your data will not have been impacted simply because that it does not store identity data of anonymous posters. Oh, and data that has been imported from linked networks such as contacts, demographic information, interests and (now invalidated) access tokens.
This includes names, email addresses, IP addresses, user IDs, encrypted passwords, user account settings, personalization data, public actions and content (including drafts) such as questions, answers, comments, blog posts and upvotes. While it is currently unknown how the breach happened, Quora says the intrusion was only discovered on Friday November 30th, it does know the user data that has been compromised.
0 kommentar(er)
