MyHeritage DNA testing service says breach affected 92M users' data

MyHeritage DNA testing service says breach affected 92M users' data

MyHeritage said Monday in a blog post that the breach involved roughly 92 million user accounts that were created through October of a year ago.

The breach took place on October 26 past year, and consisted of the email addresses and hashed passwords of users who signed up to the website up to the date of the breach, according to the blog post. The website now has 96 million users from around the world with 1.4 million of them who have taken the DNA test. MyHeritage does not store user passwords, but rather a one-way hash of each password, in which the hash key differs for each customer.

"There has been no evidence that the data in the file was ever used by the perpetrators", the company said.

A hacker who gains access to the hashed passwords doesn't have the actual passwords, MyHeritage said.

Hashing passwords is a one-way encryption process allowing sensitive data to be stored easily, and although there are theoretically ways to reverse hashing, they involve enormous amounts of computing power and quite a bit of luck. While passwords were part of the compromised file, each was hashed using an algorithm that renders them useless in the event of the breach. This server contained email addresses and hashed passwords.

Pew Research: Teens Love YouTube, Not So Much Facebook
Facebook is no longer the most popular social media site among teenagers ages 13 to 17, according to a new study . The Pew Research Center revealed on Thursday that only 51% of United States teens use Facebook .

Researchers at the University of Washington encoded a strand of DNA to contain malware, which allowed them to take remote control of a computer that was being used to process genetic data.

MyHeritage has set up an Information Security Incident Response Team to investigate what happened. "As an example, credit card information is not stored on MyHeritage to begin with, but only on trusted third-party billing providers". The company says that it is taking steps to inform the relevant authorities in line with GDPR. And other sensitive information, such as DNA data and family trees, are stored separately from email addresses and have extra layers of security.

MyHeritage recommends users change their passwords and said they should take advantage of a two-factor authentication feature the company plans to release soon.

The company said it had no reason to believe any other systems were compromised, and had not seen any activity indicating accounts were compromised as a result of the leak.

A full report will likely take a while; the company is planning to hire an external security firm to look into the breach, and is working on notifying relevant authorities under USA laws and GDPR, among others.

Related Articles

  • Study finds women with early breast cancer may avoid chemotherapy

    Study finds women with early breast cancer may avoid chemotherapy

    Overall survival was also higher in the group given this radiation treatment (73.2%) compared to control patients (70.8%). A sample of the tumour is tested after surgery for 21 genetic markers, which indicate if it could grow and spread.
    SpaceX SES 12 launch lights up the night

    SpaceX SES 12 launch lights up the night

    SES-12 will operate in the Ku and Ka-bands with a total of 76 active transponders and eight antennas. The good side of all this is it actually extends our (on orbit) life capability from 15 to 22 years.
    Sanofi responds to Roseanne Barr's alibi: Ambien doesn't make you racist

    Sanofi responds to Roseanne Barr's alibi: Ambien doesn't make you racist

    After Sara and Michael slammed her social media activity, she tweeted that they had thrown her "under the bus". One person who claims he saw Roseanne Barr's Twitter scandal coming is her ex-husband, Tom Arnold .
  • South China Sea dispute: Beijing attacks 'irresponsible' United States  comments

    South China Sea dispute: Beijing attacks 'irresponsible' United States comments

    Mattis is speaking at the Shangri-La Dialogue conference that includes defense chiefs, analysts and other leaders from the region. Beijing's actions were aimed at "national defence", he added in quotes reported by AFP.
    Melania Trump skipping G7, North Korea summits

    Melania Trump skipping G7, North Korea summits

    Trump sent out a tweet on May 30, claiming she was "feeling great" and was back to work behind the scenes at the White House . The first lady underwent an embolization procedure on Monday, May 14, likely to remove a cyst from her kidney.

    Warriors vs. Cavaliers, Game 2 on Sunday night

    The Warriors and Cavaliers, who are playing in their fourth consecutive NBA Finals, will meet in Game Two in Oakland on Sunday. LeBron James kept Cleveland close despite Golden State's torrid shooting with 10 points, five assists and four rebounds.
  • Novak Djokovic, Grigor Dimitrov break rackets at French Open

    Novak Djokovic, Grigor Dimitrov break rackets at French Open

    Perhaps the most remarkable part of this result was that Djokovic repeatedly failed to close out the fourth set and force a fifth. Djokovic was back with his former coach, Marián Vajda, who said Djokovic was not at his best at Roland Garros, but improving.
    Trump to Revives Summit with North Korean Leader

    Trump to Revives Summit with North Korean Leader

    One other issue that could be resolved ahead of the June 12 summit: Whether or not Trump has already spoken to Kim by phone. Kim Yong-chol, vice-chairman of North Korea's ruling party executive and a veteran regime insider met with the U.S.
    Lava flow from spewing fissure threatens escape route on Hawaii's Big Island

    Lava flow from spewing fissure threatens escape route on Hawaii's Big Island

    Hawaii County spokeswoman Janet Snyder says as of Monday, June 4, 2018, lava burned down 117 homes. "It stings", he said. Hawaii Civil Defence Administrator Talmadge Magno has advised people to stand at least 1,000 feet back from the area.
  • Apple just took a shot at Facebook's web-tracking empire

    Apple just took a shot at Facebook's web-tracking empire

    The developer preview of iOS 12 is available now and a public beta programme will be available to iOS users later this month. Along with these new third-party apps, Apple has also introduced four new apps: Home , News, Stocks , and Voice Memos .
    Serena exits French Open before Sharapova showdown

    Serena exits French Open before Sharapova showdown

    The athlete said she first noticed chest pain during a victorious match against Julia Görges on Saturday, June 2. It's disappointing for me, the fans and the tournament that it's not going to happen.
    China issues statement after second round of trade talks with US

    China issues statement after second round of trade talks with US

    Treasury Secretary Steven Mnuchin stated then that the USA tariffs had been suspended and the commerce conflict was "on maintain". Ross mentioned in the meeting that China would buy specific USA products though no official statement was released on the same.