QuestionPro
HighMay 2022: QuestionPro faced an extortion attempt implicating data from 22M users, later verified.
- Records exposed
- 22,229,637 records
- Breach date
- Breach May 21, 2022
- Last update
- Updated Aug 5, 2022
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In May 2022, the survey platform QuestionPro experienced a significant cybersecurity challenge when threat actors claimed responsibility for exfiltrating over 100GB of data. This incident, characterized by an extortion attempt, reportedly compromised approximately 22 million unique email addresses, browser user agents, IP addresses, and survey results. While QuestionPro acknowledged the extortion attempt, they did not confirm data exfiltration. The breach data was initially classified as "unverified" but was later verified based on feedback from affected individuals.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Users faced risks related to phishing or scams leveraging the exposed data.
- Business Impact
- QuestionPro's trust reputation was impacted, necessitating rigorous security reassessment.
- Affected Sectors
- Survey platforms
- Data analysis services
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Monitor email accounts for unusual activity.
- •Be cautious with survey links or emails requesting additional information.
- •Consider changing associated platform credentials.
Preventive Measures
- •Implement multi-factor authentication on accounts.
- •Ensure secure handling of sensitive data by platforms.
- •Limit survey participation to trusted organizations.
Frequently Asked Questions
Common questions about this breach and what it means for you.