quora | Breaking Cybersecurity News | The Hacker News

The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday discovered that an unidentified malicious third-party managed to gain unauthorized access to one of its systems and stole data on approximately 100 million users—that's almost half of its entire user base. According to Adam D'Angelo, the chief executive officer and co-founder of Quora, the personal user information compromised in the breach includes: Account information , such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter when authorized by users. Public content and actions , like questions, answers, comments, and upvotes. Non-public content and actions , including answer requests, downvotes, ...

Nobody is immune to being Hacked! After hacking Mark Zuckerberg's Twitter and Pinterest accounts, Hacking group OurMine has successfully hacked the Quora account Google CEO Sundar Pichai and then cross-posted to his Twitter account. The hack became apparent when OurMine posted messages on Quora through Pichai's account, which then appeared on his official Twitter feed late Sunday night — Thanks to the two accounts being linked. All the tweets in question have since been removed from Pichai's Twitter feed. Unlike Mark Zuckerberg, the three-man team Saudi hackers group did not use password exposed by 2012 LinkedIn data breach; rather they claimed to have discovered a vulnerability in Quora, which is a Q&A community launched in 2010. The group behind OurMine claims it is "testing security" of accounts and teaching people to secure their online accounts better. "We are just testing people security (sic), we never change their passwords, we did it...

Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small. The question is, what can security teams do about it? Have no fear, because Identity Threat Detection and Response (ITDR) is here to save the day. It's essential to have the visibility and response mechanisms to stop attacks before they become breaches. Here's the super lineup that every team needs to stop SaaS identity threats. #1 Full coverage: cover every angle  Like Cap's shield, this defense should cover every angle. Traditional threat detection tools such as XDRs and EDRs fail to cover SaaS applications and leave organizations vulnerable. SaaS identity threat detection and re...