Q&A site Quora announced on Monday that it suffered a major cyber attack. The names, email addresses, encrypted passwords, user account settings and IP addresses of 100 million users were compromised.
It is reported that public actions and content, including questions, answers, comments and blog posts, were also accessed.
Law enforcement has also been notified, and the company has stated that the incident has been "contained". It believes that Quora users who contributed to the platform anonymously are not affected, because the company does not collect identity information for users who post anonymously.
Another Day, Another Breach
In the statement, the company said: "On Friday, we found that some user data was compromised by a third party who gained unauthorized access to one of our systems." The company added that it is investigating the hack and that its own internal security team will work with a digital forensics and security firm "to get to the bottom of it."
The world still seems to be recovering from last week's attack on the Marriott hotel chain, which affected about half a billion people, and now the attack on Quora is a reminder to organizations to keep their security in check.
As a precautionary measure, Quora is notifying the users it suspects were affected. The company is also sending out password resets.
Security experts take action
Against this backdrop, cybersecurity experts from the UK and across the Atlantic have commented on the recent breach:
Javvad Malik, security advocate at AlienVault, said the breach was "significant, not only for the number of records, but also for the information about people contained therein. As we saw in the Cambridge Analytica fiasco, access to personal preferences, tastes and other preferences can be used against individuals." Malik points out that companies that collect or hold a lot of personal information need to invest seriously in security: "This can begin with auditing all the data they hold and evaluating whether all of it is needed. Companies should also look at segmenting data so that, in the event of a breach, the damage can be limited to a subset of the data rather than having everything exposed."
Tim Erlin, vice president at Tripwire, believes time will tell the full cause of the attack. He said: "'Unauthorized access' is a phrase that can cover a range of scenarios, from accidental disclosure to a sophisticated attack. While we may learn more about the details of this breach, they are likely to come out long after the next news-cycle incident. People should also be careful when sharing information with organizations, and this breach should be a good reminder that your personal information may be exposed through websites and services that you do not consider sensitive."
Disclose All the Details
The first line of Quora's statement is more revealing to Julien Cassignol, senior IAM and PAM solution architect at One Identity, who believes Quora has a lot to answer for in terms of security.
"First, Quora said 'some user data'. What data was retrieved and compromised? Who accessed what? What was the motivation for this access? This clearly underscores the need for businesses to be able to verify access to data by both automated actions and users. Providing a solid logging infrastructure and privileged access management provides this kind of information.
"Second, the breach was 'initiated by a third party'. How could a third party access such sensitive data? How were they identified? Did they have the appropriate permissions to access this data? It is therefore necessary to have a suitable repository holding this information. It should also be a requirement for organizations to record the reason why access is granted to individuals or third-party organizations. This privilege, and an automated process to revoke these rights when they no longer apply, are no longer optional but have become standard procedures.
"The last piece missing in the jigsaw is 'who gained unauthorized access'. Once an organization knows what is being done, who is doing it, and what permissions are required to perform such an action, it will have a clearer picture of how the breach occurred. Unauthorized access to certain systems means that at some point during this incident no policy was enforced, which made the breach possible. Therefore, it is important for organizations to understand their existing infrastructure, who can access the system, and what rights these people have. This can significantly reduce the threat of an attack."
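Cassignol's three points above (record why access was granted, revoke it automatically when it no longer applies, and treat third-party access with extra scrutiny) can be turned into a small access review. The following is an added illustration, not code from Quora, One Identity or the article; the grant model, the review rules and the sample grants are all constructed for the example.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple

# Constructed toy model (not Quora's or One Identity's code) of the access
# ledger Cassignol describes: every grant records who, what, why and until when.
@dataclass
class Grant:
    principal: str            # user or third-party organisation
    system: str               # data store or system the grant covers
    reason: str               # recorded business justification ("" = none recorded)
    expires: Optional[date]   # None = open-ended grant
    third_party: bool = False

def review_grants(grants: List[Grant], today: date) -> Tuple[List[Grant], List[Tuple[Grant, str]]]:
    """Return (keep, revoke); each revoke entry carries the finding behind it.

    Review rules, in the spirit of the quote:
    - a grant with no recorded reason cannot be justified, so it is revoked;
    - an expired grant no longer applies and is revoked automatically;
    - an open-ended third-party grant is revoked until an expiry is set.
    """
    keep, revoke = [], []
    for g in grants:
        if not g.reason.strip():
            revoke.append((g, "no recorded justification"))
        elif g.expires is not None and g.expires < today:
            revoke.append((g, f"expired on {g.expires.isoformat()}"))
        elif g.third_party and g.expires is None:
            revoke.append((g, "open-ended third-party access"))
        else:
            keep.append(g)
    return keep, revoke

# Constructed sample data; the review date is the Monday of the announcement.
REVIEW_DATE = date(2018, 12, 3)
SAMPLE_GRANTS = [
    Grant("alice", "user-db", "on-call DBA rotation", date(2019, 3, 31)),
    Grant("vendor-x", "user-db", "migration project", date(2018, 11, 30), True),
    Grant("bob", "analytics-db", "", None),
    Grant("vendor-y", "log-archive", "forensic retainer", None, True),
]

if __name__ == "__main__":
    kept, revoked = review_grants(SAMPLE_GRANTS, REVIEW_DATE)
    for g, why in revoked:
        print(f"REVOKE {g.principal} on {g.system}: {why}")
    for g in kept:
        print(f"KEEP   {g.principal} on {g.system}")
```

Run as a scheduled job against a real grant store, the same logic gives the "who has access, why, and until when" record Cassignol says an organization needs when a breach notice arrives.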
And another day, another breach.