The information that has been compromised, Quora said includes, "account information, e.g.name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users".
Non-public content and actions, e.g. answer requests, downvotes, direct message.
"There's little hope of sharing and growing the world's knowledge if those doing so can not feel safe and secure, and can not trust that their information will remain private", the Quora founder wrote.
"We have retained a leading digital forensics and security firm to assist us", it said.
The company is in the process of informing affected users about the breach. The number of people involved potentially affected by the breach of the reservation database made it one of the largest ever cyberattacks on a company. It has logged all users out, and forcing all accounts with a password to reset that password.
The company added: "The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious". Those wishing to delete their account can do so in the settings section and the deactivation will happen immediately.
Saket Modi, Co-Founder & CEO, Lucideus, an enterprise cybersecurity platforms company, said, "Between last week's Marriot hack of 500 Million accounts and Quora's 100 Million accounts, at least 16% of the total internet users (as the Internet has 3 Billion users) data has been compromised". Anyone who had reused a password elsewhere is advised to create a new password for that account too.
"We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future". Law enforcement has been notified, it added.