The genealogy website and family networking service provider MyHeritage said on Monday that a data breach from late October, 2017, had resulted in the data of 92 million of its users being leaked. The breach was discovered when a security researcher noticed a file with email addresses and passwords that were hashed sitting on a server that did not belong to the company. The researcher then brought this to the attention of Chief Information Security Officer, which prompted further investigation into the total extent of this leak of information. The company reassured its users that no other information was found outside of the servers, or on the original server where this first file was located.
MyHeritage offers services related to family trees and making connections with family members once thought to be long-lost, or even to build up a repository of information regarding a user’s lineage through several generations of a family tree. There is also a DNA test that users can take to get more accurate results of the exact make-up of their genetic code as it comes from all the various branches in their family tree that they were probably never aware of. The ability to then connect with people and rekindle family bonds was the added advantage, the icing on the cake if you will, of being able to amass this information. It was lucky that none of this additional data has been accessed, although, the extent of the breach is still being examined.
The company has indicated that it is taking steps to work with an independent cybersecurity agency to understand the full extent of this leak, and to study ways to improve the overall security to limit the potential for the same in future.