Menu

MyHeritage Account Data Compromised in “Cybersecurity Incident”

A security researcher found the email addresses and encrypted passwords of more than 92 million users of the genealogy site on a private server outside the company.

Jun 6, 2018
Catherine Offord

ISTOCK, FATIDOThe account information of more than 92 million users of online genealogy platform MyHeritage has been compromised, according to a statement released by the company on Monday (June 4). Last October, in what the statement calls a “cybersecurity incident,” email addresses and encrypted password information were leaked from the company’s website by unknown actors.

The breach was first brought to the company’s attention by a security researcher, who discovered a file called “myheritage” on a private server, according to the statement. “Our Information Security Team received the file from the security researcher, reviewed it, and confirmed that its contents originated from MyHeritage and included all the email addresses of users who signed up to MyHeritage up to October 26, 2017, and their hashed passwords.”

The statement notes that there is “no reason to believe” that other information—such as credit card numbers (which are not stored by MyHeritage) or DNA data (which are stored on separate MyHeritage systems)—has been affected. Other genealogy platforms such as 23andMe take a similar approach to distributing information, keeping email and password information separate from genetic data.

Laura Hercher, who teaches about genetics and ethics at Sarah Lawrence College, tells STAT News that, while it’s unclear how this information or even DNA data themselves might be used, “when you put DNA and privacy together in a sentence, understandably and correctly, it makes people nervous.” Although, she adds, “I would rather give someone my DNA than my social security number, my search history, or my credit card.”

Harvard Medical School’s Robert Green, speaking to Science News before word of the breach at MyHeritage had spread, notes that there’s an inherent risk with storing personal information online. Following high-profile security breaches at large companies including Equifax and Facebook, “there’s an ongoing, slow-motion realization that there are so many avenues where our privacy can be compromised,” he says.

MyHeritage recommends in the statement that users change their passwords for “maximum safety,” and notes that the company is undertaking its own investigation of the incident.

September 2018

The Muscle Issue

The dynamic tissue reveals its secrets

Marketplace

Sponsored Product Updates

Enabling Genomics-Guided Precision Medicine

Enabling Genomics-Guided Precision Medicine

Download this eBook from Qiagen to learn more about the promise of precision medicine and how QCITM Interpret can help deliver better care with better knowledge.

Best Practices for Sample Preparation and Lipid Extraction from Various Samples

Best Practices for Sample Preparation and Lipid Extraction from Various Samples

Download this white paper from Bertin Technologies to learn how to extract and analyze lipid samples from various models!

Bio-Rad Launches CHT Ceramic Hydroxyapatite XT Media and Nuvia HP-Q Resin for Process Protein Purification

Bio-Rad Launches CHT Ceramic Hydroxyapatite XT Media and Nuvia HP-Q Resin for Process Protein Purification

Bio-Rad Laboratories, Inc. (NYSE: BIO and BIOb), a global leader of life science research and clinical diagnostic products, today announced the launch of two new chromatography media for process protein purification: CHT Ceramic Hydroxyapatite XT Media and Nuvia HP-Q Resin.

Immunophenotypic Analysis of Human Blood Leukocyte Subsets

Immunophenotypic Analysis of Human Blood Leukocyte Subsets

Download this application note from ACEA Biosciences, Inc., to find out how to perform an immunophenotypic analysis of a human blood sample utilizing 13 fluorescent markers using a compact benchtop flow cytometer equipped with 3 lasers!