The social platform said late Monday that the account information and private messages of around 100 million users may have been exposed when its computer systems were compromised by “a malicious third party.” Quora discovered the data breach on Friday, the company’s chief executive, Adam D’Angelo, wrote in a blog post, and it is still investigating how it happened.
“It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility,” Mr. D’Angelo wrote.
The company noted that the incident was unlikely to result in identity theft, as the site does not collect sensitive information such as credit card or social security numbers.
Still, coming less than a week after the hotel chain Marriott announced that hackers had stolen the personal data of up to 500 million guests, the incident serves as another reminder that a vast and expanding swath of our lives is vulnerable to digital intrusion.
Quora commands a huge audience. The company says that 300 million people around the world use its site at least once a month to ask and answer questions about politics, faith, calculus, unrequited love, the meaning of life and more. By comparison, Twitter claims 326 million monthly active users.
But since it blasted onto the social media landscape in 2010, igniting a blaze of interest among tech company employees, Quora has not become the mainstream cultural force that Twitter has, for better or for worse. That is perhaps why some Quora users reacted to news of the security breach with surprise — not that their account information may have been accessed by malicious actors, but that they had a Quora account in the first place.
The company seemed to acknowledge such reactions on Monday. A page of frequently asked questions about the attack includes the query: “I didn’t know I had a Quora account. How is it that my email or information was exposed?”
Its answer: “You may have signed up for Quora some time ago. While you might not have regularly visited or used Quora, your account remained.”