After the hacker's attack on the reservation database of the Marriott hotel chain, which affects about half a billion guests, a second loss of data was known in a few days: the operators of the questions and answers platform Quora.com had to admit that unknown people have access to Nomi, e-mail addresses and encrypted passwords of about 100 million users.
Quora exists since 2009. On the site, for example, users ask specific questions about world events, which can then be solved by other users. The answers are sometimes very detailed, often by experts and sometimes by celebrities such as Barack Obama and Hillary Clinton. According to the official number of users, about a second user Quora fell victim to the hack.
Adam D & # 39; Angelo, co-founder and head of the company, wrote in a blog post: "We must be sure that this does not happen and we have failed". An IT security company and the police were called to investigate the incident.
The passwords touched were cryptographically protected by a so-called hash and salt function. In such methods, each password is first enriched with random data (which is the salt) and then converted into a sequence of characters from a random appearance in an operation that is difficult to perform.
However, interested users have not only been informed via e-mail and logged out, but must also assign new passwords for security reasons. Because under certain circumstances it is also possible to decrypt passwords with hashes with special cracking programs. Those who used their Quora password for other services should also change it, because otherwise hackers can access other accounts.