The recent data breach at Quora, a questions and answers website, is part of an increasing trend of major data breaches affecting large organizations with an extensive user base.
Quora in December announced on a blog post called
Data that may have been stolen includes name, email, encrypted passwords, and data imported from "other networks," such as phone contacts or Facebook friends. Additional details on questions asked, answers given, up votes, down votes on public and private content is also believed to have been stolen.
In the short term, the company’s reputation will be directly affected by the breach as well as consumer trust significantly diminishing. A
Companies like Quora can expect a short term financial hit in advertising revenue, and there will also be notable costs incurred to fix the problem and train its employees for security best practices.
Firms also often need to invest in a new security vendor and a dedicated security team (penetration testers). They will be required to completely review internal processes and introduce new security measures such as behavioral detection systems through AI and machine learning mechanics.
There is a significant risk. The type of data stolen could be used to identify a person’s political, social or sexual identification, making this data breach a potential breach of sensitive personal information. It is highly likely the encrypted passwords taken can be compromised and hackers can access a user’s other online accounts, if they use the same passwords.
In the longer term, it can be argued that the trust
Unfortunately, there is not a huge amount users can do to mitigate the fallout of a data breach. The best practice would be to recommend users change usernames and passwords for associated online accounts. Always use different and complex passwords for your accounts. Do not use dictionary words for passwords and maybe consider using a complex password generator online.
