Menu

MyHeritage Account Data Compromised in “Cybersecurity Incident”

A security researcher found the email addresses and encrypted passwords of more than 92 million users of the genealogy site on a private server outside the company.

Jun 6, 2018
Catherine Offord

ISTOCK, FATIDOThe account information of more than 92 million users of online genealogy platform MyHeritage has been compromised, according to a statement released by the company on Monday (June 4). Last October, in what the statement calls a “cybersecurity incident,” email addresses and encrypted password information were leaked from the company’s website by unknown actors.

The breach was first brought to the company’s attention by a security researcher, who discovered a file called “myheritage” on a private server, according to the statement. “Our Information Security Team received the file from the security researcher, reviewed it, and confirmed that its contents originated from MyHeritage and included all the email addresses of users who signed up to MyHeritage up to October 26, 2017, and their hashed passwords.”

The statement notes that there is “no reason to believe” that other information—such as credit card numbers (which are not stored by MyHeritage) or DNA data (which are stored on separate MyHeritage systems)—has been affected. Other genealogy platforms such as 23andMe take a similar approach to distributing information, keeping email and password information separate from genetic data.

Laura Hercher, who teaches about genetics and ethics at Sarah Lawrence College, tells STAT News that, while it’s unclear how this information or even DNA data themselves might be used, “when you put DNA and privacy together in a sentence, understandably and correctly, it makes people nervous.” Although, she adds, “I would rather give someone my DNA than my social security number, my search history, or my credit card.”

Harvard Medical School’s Robert Green, speaking to Science News before word of the breach at MyHeritage had spread, notes that there’s an inherent risk with storing personal information online. Following high-profile security breaches at large companies including Equifax and Facebook, “there’s an ongoing, slow-motion realization that there are so many avenues where our privacy can be compromised,” he says.

MyHeritage recommends in the statement that users change their passwords for “maximum safety,” and notes that the company is undertaking its own investigation of the incident.

April 2019

Will Car T Cells Smash Tumors?

New trials take the therapy beyond the blood

Marketplace

Sponsored Product Updates

Application of TruBIOME™ to Increase Mouse Model Reproducibility
Application of TruBIOME™ to Increase Mouse Model Reproducibility
With this application note from Taconic, learn about the effects of the microbiome on reproducibility and predictability and how TruBIOME™ helps researchers generate custom microbiota mouse models!
Getting More Consistent Results by Knowing the Quality of Your Protein
Getting More Consistent Results by Knowing the Quality of Your Protein
Download this guide from NanoTemper to learn how to identify and evaluate the quality of your protein samples!
Myth Busting: The Best Way to Use Pure Water in the Lab
Myth Busting: The Best Way to Use Pure Water in the Lab
Download this white paper from ELGA LabWater to learn about the role of pure water in the laboratory and the advantages of in-house water purification!
Shimadzu's New Nexera UHPLC Series with AI and IoT Enhancements Sets Industry Standard for Intelligence, Efficiency and Design
Shimadzu's New Nexera UHPLC Series with AI and IoT Enhancements Sets Industry Standard for Intelligence, Efficiency and Design
Shimadzu Corporation announces the release of the Nexera Ultra High-Performance Liquid Chromatograph series, incorporating artificial intelligence as Analytical Intelligence, allowing systems to detect and resolve issues automatically. The Nexera series makes lab management simple by integrating IoT and device networking, enabling users to easily review instrument status, optimize resource allocation, and achieve higher throughput.