A web-based genealogy and DNA testing platform revealed this week that hackers breached its system and stole emails and hidden passwords belonging to more than 92 million users.
MyHeritage said it became aware of the breach, which occurred last year, just this week. The company said that it has no evidence that other sensitive information was taken or that the stolen data was used for malicious purposes.
In a blog post on Monday, a company official said MyHeritage had been contacted by an independent security researcher about a file found on a private server that appeared to contain information from MyHeritage users.
The company investigated the report and confirmed that the file contained data on more than 92 million users who had signed up for the genealogy service before late October 2017, when the company says the breach occurred.
The data included user email addresses and hashed passwords — passwords that are hidden for security purposes through a one-way encryption function, meaning that the hackers would not be able to view the actual passwords corresponding to user accounts.
“There has been no evidence that the data in the file was ever used by the perpetrators,” Omer Deutsch, MyHeritage’s chief information security officer, wrote. He added that the company has “not seen any activity indicating that any MyHeritage accounts had been compromised” since the date of the breach.
The company emphasized that it does not store sensitive information, like user DNA data or family information, on the same system where it stores user email addresses. Instead, this information is held on a separate system where there are more layers of security.
……..
- Discussion
-
Genealogy platform says hackers stole data on over 92M users https://t.co/5wVGHq1vYw pic.twitter.com/f4WN5t5U9c
— The Hill (@thehill) June 6, 2018
You must be logged in to reply to this topic.