Online genealogy researchers may find their data has been exposed

Plenty of social media sites fall prey to data breaches. Recently, another victim has emerged. According to The Seattle Times, leading geneology and DNA-testing company, My Heritage, “disclosed that a researcher had found on a private server the email addresses and hashed passwords of every customer that had signed up for its service.”

MyHeritage broke the news on Monday in a blog post, where it stated that the leak included 92 million accounts. The breach occurred on October 26th, 2017 – an entire seven months ago – and all accounts created before then are presumably at risk.

“There has been no evidence that the data in the file was ever used by the perpetrators,” the blog post asserted. Even if it had been, MyHeritage has promised users that it does not store credit card information and “sensitive data such as DNA information and family trees are stored on systems that are separate from those that contain email addresses.” These systems, MyHeritage believes, has not been compromised.

MyHeritage has not disclosed why this breach went undetected for so long, but the company said it is taking “immediate steps” to hire an independent cybersecurity firm to investigate.

Source: seattletimes.com – Ancestry service MyHeritage says 92 million customer email addresses were exposed
Published: June 5, 2018