Emails of Over 92 Million Users Stolen from Genealogy Company MyHeritage

Renderings of DNA strands

Renderings of DNA strands

The breach was discovered by a security researcher who notified MyHeritage on Tuesday that a trove of email addresses and hashed passwords were sitting on a private server somewhere outside of the company.

Today, June 4, 2018 at approximately 1pm EST, MyHeritage's Chief Information Security Officer received a message from a security researcher that he had found a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage.
Its database now has DNA samples from over 1.25 million people. The company doesn't store users' actual passwords; it transforms them into a jumble of characters, and performs the same operation when you enter your password to see if it matches the stored data.

MyHeritage said that the hashing is "one-way", meaning that it is nearly impossible to turn the hashed password back into the original. Instead it uses a one-way hash of each password, in which the hash key differs for each customer. The company noted there's no evidence the hackers used the breached data, nor does it believe any accounts were compromised as a result of the hack. In 2012 and 2016 nearly 200 million LinkedIn user passwords went on sale following a 2012 breach, despite the fact the service hashed its passwords. But, Hercher said, the security breach involving MyHeritage doesn't seem to be any different than security breaches at other companies that don't work with genetic information.

"Here's what many consumers don't realize, that their sensitive information can end up in the hands of unknown third-party companies", Schumer said last November.

South China Sea dispute: Beijing attacks 'irresponsible' U.S. comments
The and regional allies accuse China of militarising the region as part of its efforts to lay claim to the contested territory. The ministers gave speeches on Sunday, the final day of the conference in Singapore that is known as the Shangri-La Dialogue.

Prince Harry, Duchess Meghan's Future Daughters May Not Inherit Titles
For Meghan and The Queen's work day next week up in Cheshire, Megs gets to ride on the fancy train with her grandmother-in-law. Sarah, who plays Donna Paulsen in the hit drama, revealed that watching Meghan say "I do" was a very proud moment for her.

Workers cautiously resume rescue efforts near Guatemala volcano
One More Child's Vice President Andrew Tattrie said members have been keeping the organization up to date with what's happening. Experts say the volcano emitted something different than what has been seen in Hawaii, a pyroclastic flow .

However, MyHeritage has reemphasized in its statement that it hosts its DNA data on "a segregated system", which includes added layers of security, and no data has been breached. "We have no reason to believe those systems have been compromised", the company said.

The Israeli company said it has hired an unnamed outside cybersecurity firm to respond to the incident, and it is formally informing all the authorities required by Europe's recently implemented GDPR law.

Mr Deutsche added: "For all registered users of MyHeritage, we recommend that for maximum safety, they change their password on MyHeritage".

He also outlined how the company intends to bolster its security measures in future, including rolling out two-factor authentication to its users, as well as setting up a 24/7 security customer support team to assist users with concerns about the incident.

Latest News