Hackers have stolen account information, including encrypted passwords from users of the question-and-answer website.

About 100 million users of Quora, a popular question-and-answer website, have been affected by a security breach involving a “malicious third party”, the company says.

Quora said it was notifying all users who may have been affected to prevent further damage.

Account information, including names, email addresses, encrypted passwords and data imported from linked networks when authorised by users, may have been compromised, the website said.

Founded in 2009, Quora offers its users a platform where questions are asked, answered, edited and organised by other users, according to the website.

The breach comes only days after the database of Marriott International, the world’s largest hotel company, was hacked, affecting about 500 million records from its Starwood Hotels reservation system, exposing personal data of customers that included some payment card numbers.

181130125912049

In a blog post, Quora’s CEO Adam D’Angelo said the company believes that the root cause had been identified and that it has “taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements”.

We have discovered that some user data was compromised by unauthorized access to our systems. We’ve taken steps to ensure that the situation is contained and are notifying affected users. Protecting your information is our top priority. Read more here: https://t.co/uwbdMjoM1v — Quora (@Quora) December 3, 2018

The company is currently in the process of logging out and invalidating users who may have been affected.

“We will continue to work both internally and with outside experts to gain a full understanding of what happened and take any further action as needed” the post added.

Anonymous posting

Quora is known for offering its users a platform to ask and answer questions anonymously.

“Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content,” Quora said in the post.

It adds that the “overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious”.

Quora said it has retained leading digital forensics and security teams to help assist them and notified law enforcement officials.

The Quora Inc-owned website was founded in 2009 by D’Angelo and Charlie Cheever, two former Facebook employees.