A cyber leak involving the details of tens of millions of people was reported earlier this week. The sensitive data has been stolen from the servers of Israeli online genealogy platform called MyHeritage. The leak includes emails and hashed passwords of more than 92 million people. Announcing the news in a blog post, MyHeritage spokesperson claimed family trees and DNA data had not been affected by the leak.
The stolen data contains details of all MyHeritage users
MyHeritage was not aware of the cyber incident up until 1 p.m. EST on June 4, 2018, when the security consultant, who found the stolen data on a third party server located out of state, decided to get in touch with the DNA testing service provider. The stolen data contains details of all MyHeritage users who signed up for the service up until October 26th, 2017. There is an ongoing investigation, but it is still unclear how the hackers managed to steal the information from the company known to offer users the ability to create family trees, upload and browse through photos, and search billions of global historical records.
The company known to have 35 million family trees on its website performed an internal investigation that confirmed the leak is real and announced plans on collaborating with a cybersecurity firm to help it get to the bottom of the cyber incident. The company also announced plans to implement a two-factor authentication feature sooner than later. The good news is that the stolen passwords have been scrambled to random characters, meaning that it is not an easy task for the hackers to decode them.
However, you have to keep in mind that the cybercriminal who managed to steal the data have had more than half a year to exploit the stolen information. According to the affected company, credit card information is safe as it is always processed by third parties such as PayPal, and the DNA data of its nearly 100 million user database is stored on servers separate from the one affected by the leak.
Even though that as of this moment the DNA testing service provider does not have information confirming that the leaked data has been misused by the hackers, the Israeli company started approaching its nearly 100 million users encouraging them to change their passwords immediately.
If you’ve ever signed up for a DNA test on MyHeritage, now it may be a good time to change your password. If you happened to have used the same password on other websites, we strongly suggest you change it there too and always have fully updated antivirus software on all your smart devices. If you are a MyHeritage subscriber, keep an eye on the 2-factor authentication option too, and opt in as soon as it rolls out.