Cybersecurity and the Quora Compromise
All is relatively well here at Woesnotgone Meadow, where everyone has above average bandwidth.
The Meadow has a number of people who enjoy asking questions about the various topics seen across the news channels. These persons are not much for introspection. These topics could be focused on technology, farming, or the new coffee crop.
As the residents ask each other these questions, there is also another source for the back and forth question and answer questions.
Quora, the knowledge sharing website, experienced a minor issue this year. Quora was founded in 2009 by two former Facebook employees and is located in Mountain View, CA.
Compromise
The compromise was manifested by the unauthorized access to one of the Quora systems, discovered on November 30, 2018. There is not a mass amount of information regarding the attack vector or method for others to learn from. Only the general actions were noted. Quora has noted their teams believe they have found the root cause for the breach, and allegedly have taken the appropriate steps to address the issue. The investigation though is still on-going.
Affected Users
This was not a small, incidental compromise. This affected approximately 100M of the Quora users. To remediate this, the company logged out the potentially affected users. Quora also contracted with a leading digital forensics and security firm to assist them with the investigation.
Data Exfiltrated
The attackers were able to secure data from Quora for their uses. This included the name, email address, encrypted password, and user imported data from the linked websites. These were expected to be Facebook and Twitter. The attackers also were able to secure details on the user’s non-anonymous activities on Quora (e.g. questions, answers, and up- and down-votes). Although this data was stolen, most of the data would have been accessible publicly.
As noted, the passwords were encrypted. Seemingly, this would be the perfect situation. Quora however did not detail the format of the encrypted passwords. This could have been weak. These could have been hashed instead, however, this could have been weak or without being salted.
Thanks for visiting Woesnotgone Meadow, where the encryption is strong, and the O/Ss are always using the latest version.
Resources
Acharya, B. (2018, December 3). Quora says 100 million users hit by security breach. Retrieved from https://www.reuters.com/article/us-quora-cyber/quora-says-100-million-users-hit-by-security-breach
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.