MyHeritage Site Was Hacked, 92 Million Mail Details Were Stolen

Gilad Yefet founder MyHeritage photo Shaul Golan

 

MyHeritage site, the genealogy, and DNA testing service hacked and 92 million user mail addresses and passwords were stolen and found on a private server, according to a blog post reporting by information security chief, Omer Deutsch.

According to the post, the breakthrough was discovered after an independent investigator turned to the company and revealed a cache of addresses that their examination revealed to be part of the site.

According to the company’s report, the inventory included details of users who registered to the site until October 2017 which is the date of the breach.

The email addresses and passwords used to connect to accounts. MyHeritage doesn’t store user passwords. Instead, it uses a one-way hash of each password, in which the hash key differs for each customer. This means that anyone gaining access to the hashed passwords does not have the actual passwords.

For the people whose email addresses were stored on the private server, the impact should be minimal, MyHeritage said.

It is not clear at this stage whether the stockpile was distributed among cybercriminals, as is usual in these cases – or that it was caught early on.

The company added no other data was found on the private server, and there’s no evidence the information was ever used by the perpetrators. Other sensitive data, including family trees and DNA data, are stored on segregate systems that are separate from those that house email addresses. These systems have added security, MyHeritage said, adding that it has no reason to believe they were compromised.

The company explains that it is not known who was behind the hacking and how the hacker managed to access the information.

MyHeritage was founded in 2003 by Gilad Yefet and used for genealogical research and root search. The site is considered one of the largest in the world.

Read more about: , ,

Email:

Delivered by FeedBurner