MyHeritage DNA Service Exposes 92 Million Account Details

There are data breaches and then there are data breaches. Depending on the personal or sensitive information that is being leaked, data breaches can be true privacy nightmares.

This may have been the case for MyHeritage customers, an Israeli-based genealogy and DNA testing service that almost exposed the data of 92 million account details. Apparently, researchers found those records sitting on a server, as evident by announcement made by MyHeritage. Luckily, nothing malicious has happened but a lesson should be learned, most definitely.

MyHeritage Almost-Data-Breach Explained

Here is part of MyHeritage’s official announcement:

Today, June 4, 2018 at approximately 1pm EST, MyHeritage’s Chief Information Security Officer received a message from a security researcher that he had found a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage. Our Information Security Team received the file from the security researcher, reviewed it, and confirmed that its contents originated from MyHeritage and included all the email addresses of users who signed up to MyHeritage up to October 26, 2017, and their hashed passwords, the announcement reads.

The sensitive data belongs to users who signed up to MyHeritage up to and including October 26, 2017, the date of the breach.

MyHeritage enables users to create family trees and search through historical records with the idea to unearth their ancestry. As reported in January 2017, the company has gathered 35 million family trees on its official website.

What are the consequences of the MyHeritage incident?

According to the company, there is no reason to believe that the sensitive user data has been compromised in any way. Customer credit card information is processed by third-parties like PayPal, and users’ DNA data is stored on systems other (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Milena Dimitrova. Read the original post at: https://sensorstechforum.com/myheritage-dna-service-92-million-accounts/