Quora got hacked

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Volstein

Thread Starter
Joined
Aug 23, 2018
Messages
44
Hi ppl!

Few days ago the news appeared that personal information of about 100 million of its users was stolen from Quora website. I think there are many people between us that use this service and spend a lot of time on that website.

Quora announced the incident late Monday after its team last Friday discovered that an unidentified malicious third-party managed to gain unauthorized access to one of its systems and stole data on approximately 100 million users—that's almost half of its entire user base.

The only thing I can't understand is why do people need Quora's users information like email and password.. There's nothing really interesting there.

What are your thoughts? Do hackers just have fun or they really collect some info?
 

Volstein

Thread Starter
Joined
Aug 23, 2018
Messages
44
I don't use Quora so no worries here.
It's not only about Quora. The same thing happened to Reddit not long ago and to many other services.
It becomes annoying that so many services are not really reliable nowadays.
 

TerryNet

Moderator
Joined
Mar 23, 2005
Messages
80,309
First Name
Terry
The only thing I can't understand is why do people need Quora's users information like email and password..
Phishing is one reason. If a crook has your email address and password he (or she) can login and send mail to your contacts. Mail that, say, contains a link to a malicious site. Since at least some of your contacts are your relatives, friends or colleagues they may trust you to send them only good links and go ahead and click on them.

A second reason is that many people use the same password for many sites--so for some people having their email password means also having their facebook, twitter, bank account, etc., password.

A third reason is to sell a bunch of that info to other crooks who will make use as reasons one and two above.


What are your thoughts? Do hackers just have fun or they really collect some info?
The latter. Many years ago a lot of hackers were just looking to have "fun" and to be annoying. Now I think that most are out for the money.
 
Joined
Nov 6, 2016
Messages
6,830
First Name
John
Information lost to hackers builds data bases that can facilitate identity theft.
As Terry pointed out, phishing attacks and password collection concerns that lead to ill gotten gains.
 

Volstein

Thread Starter
Joined
Aug 23, 2018
Messages
44
Phishing is one reason. If a crook has your email address and password he (or she) can login and send mail to your contacts. Mail that, say, contains a link to a malicious site. Since at least some of your contacts are your relatives, friends or colleagues they may trust you to send them only good links and go ahead and click on them.

A second reason is that many people use the same password for many sites--so for some people having their email password means also having their facebook, twitter, bank account, etc., password.

A third reason is to sell a bunch of that info to other crooks who will make use as reasons one and two above.




The latter. Many years ago a lot of hackers were just looking to have "fun" and to be annoying. Now I think that most are out for the money.
Wow.. I didn't think about it from that point of view.. You're right. Even I long ago was using one password for everything. After one hacker attack I changed my position and now I have a base of passwords XD
 

Couriant

Trusted Advisor
Spam Fighter
Joined
Mar 26, 2002
Messages
35,704
First Name
James
Use 2FA (2 Factor Authentication) if it's available, preferably with an app that creates random codes. but yeah most hacks like that are to sell the data to people. But in reality, no service is impenetrable so to say x is bad because of this, or don't use y because of that doesn't necessarily mean it;s not good.

Did you know this site uses 2FA? :D

Fun fact, of all the G-Mail/Google accounts there are, I believe they said 8% use 2FA...

@TerryNet - Shouldn't this be in Random Discussion?
 

Volstein

Thread Starter
Joined
Aug 23, 2018
Messages
44
Use 2FA (2 Factor Authentication) if it's available, preferably with an app that creates random codes. but yeah most hacks like that are to sell the data to people. But in reality, no service is impenetrable so to say x is bad because of this, or don't use y because of that doesn't necessarily mean it;s not good.

Did you know this site uses 2FA? :D

Fun fact, of all the G-Mail/Google accounts there are, I believe they said 8% use 2FA...

@TerryNet - Shouldn't this be in Random Discussion?
I've read that even 2FA doesn't fully protect you from hacking attempts. I don't remember the source but it explained step-by-step how it could be done.
But I understand that it will give you more safety anyway. Thanks, I think I'll switch it on where possible.
 

DaveA

Trusted Advisor
Spam Fighter
Joined
Nov 16, 1999
Messages
16,562
First Name
David
Hacking attempts can happen to any one even the most secure.
It is the complete success of the hack that is the REAL issue.
 

Volstein

Thread Starter
Joined
Aug 23, 2018
Messages
44
Hacking attempts can happen to any one even the most secure.
It is the complete success of the hack that is the REAL issue.
Sometimes it seems to me that there's no need in securing yourself on the web as if hacker will decide to break into your account - he'll do that anyway..
 
Joined
Feb 1, 2019
Messages
5
How in the world do they keep hacking these large websites (Quora, Reddit, Yahoo! etc.)? You'd think that such mastodons would have infallible security protecting their servers. I wonder if these hacks happen because the hackers are too skilled or because the companies are too lenient about securing their websites. I mean, almost half of their users' info? Come on. To steal that much data, you'd need more than a few minutes. Surely, several layers of surveillance firewalls should have noticed this happening and stopped it immediately.
 
Joined
Nov 6, 2016
Messages
6,830
First Name
John
Issues of complexity versus fallibility then add in the opportunist.
In the passage of time, code built from and on top of code evolves with more and more attack vectors, as it seeks to be elegant but too often just looks bloated........imho of course.

Then toss in limited operating budgets just to add some diversion away from security goals.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top