About 100 million users of Quora were affected by unauthorised access to one of its systems by a "malicious third party," the knowledge-sharing website said.
Account information, including name, email address, encrypted password and data imported from linked networks when authorised by users may have been compromised, it said.
The company said it is logging out all Quora users who may have been affected to prevent further damage.
"We are in the process of notifying users whose data has been compromised," Quora CEO Adam D'Angelo said in a blog post.
The breach, discovered on Friday, did not affect question and answers that are written anonymously, the company said, adding that it has also notified law enforcement officials.
"We have retained a leading digital forensics and security firm to assist us," it said.
The Quora Inc-owned website was founded in 2009 by D'Angelo and Charlie Cheever, two former Facebook employees.