Quora, a question-and-answer website, has reported a data breach affecting about 100 million users.
In a blog post, Chief Executive Adam D’Angelo said account information such as user names, email addresses, encrypted passwords and data imported from linked networks “may have been compromised.”
Users’ histories — including public questions and answers, as well as comments and votes, along with nonpublic actions such as answer requests and direct messages — might have been compromised.
On Quora, users can pose questions on the site and other users can answer. In September, Quora reported it surpassed 300 million unique visitors a month.
The data breach “is nothing like” the massive one announced Friday by Marriott International Inc., but it still raises concerns, said Pam Dixon, executive director of the World Privacy Forum, a nonprofit public interest group.
The phishing potential could be significant if data that Quora imported from other networks included things like contact lists or Facebook profiles. Quora did not specify the type of information involved.
Quora discovered Friday a “malicious third party” had gained unauthorized access to one of its systems. The company is still investigating the incident. Quora is notifying users whose data have been compromised, logging them out of the site and invalidating their passwords.