DNA testing company MyHeritage exposes data of 92 million users

by Gabriel E. Hall - -

MyHeritage is informed about the cybersecurity incident which occurred back in October 2017

MyHeritage exposes data of 92 million users

MyHeritage, the company focusing on DNA testing and family ancestry, has recently announced about a serious leakage involving 92.3 million of its users. The company became aware about the security breach on 4th of June, aAfter being informed by an anonymous security researcher about an unprotected file called myheritage on a private server.

According to MyHeritage blog post,[1] the leak affects users who registered for their service prior to October 26, 2017, which is the date of the data breach. As soon as the security researcher contacted the company, they began the investigation which confirmed that as many as 92,283,889 e-mail addresses and hashed passwords were harvested from a legitimate database.

The company is confident that the data breach only affected users' emails

As the researcher pointed out, no other databases were found on a private server and the data file discovered there has never been used for any purpose by hackers. Fortunately, MyHeritage does not collect clients' passwords. Instead, they store one-way hash which differs for each user. Thus, the company is confident that users' passwords are safe, and only e-mail addresses were leaked.

Omer Deutsch, Chief Information Security Officer of MyHeritage, also added that the company cannot see any signs of more accounts being jeopardized after October 2017:

Since Oct 26, 2017 (the date of the breach) and the present we have not seen any activity indicating that any MyHeritage accounts had been compromised.

Fortunately, the account information of visitors is not stored by the company. MyHeritage relies on trusted billing providers, including PayPal and BlueSnap. Additionally, all the other sensitive information stored by the firm (such as DNA data or family tree history) is stored in a separate database which has an extra layer of protection against hacks.

The extra precaution steps taken by MyHeritage

According to Deutsch, once they were informed about the leak, an immediate investigation was launched by Information Security Incident Response Team. The company hired a professional cybersecurity company to take on investigation to acquire more details about the incident and take extra precaution measures in order to protect personal user data in the future.

In addition, MyHeritage promised to launch two-factor authentication[2] service that could help users protect their accounts even further. Additionally, Deutsch urged all customers to change passwords for maximum safety. He added:

For now, there are no other actions that MyHeritage users need to take as a result of this incident. However, we always recommend that you take the time to evaluate your security practices. Please, avoid using the same password for multiple services or websites. It’s good practice to use stronger passwords and to change them often.

Data breach is still believed to be a serious concern

Many security experts are concerned[3] about the information technology security practices undertaken by various companies and organizations. Employees and employers should be more aware of security risks, and proper training in cybersecurity should be one of the top priorities in the current time. 

While Equifax data leak[4] exposed private information of 147.9 million users (which is considered the largest leak to date), there were several other incidents[5] in the past few years. Even though MyHeritage data breach, most likely, consisted of only users' emails, it is still private information which should be kept away from crooks hands.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.


Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate computer expert

Gabriel E. Hall is an expert troubleshooter who has been working in the information technology industry for years.

Contact Gabriel E. Hall
About the company Esolutions


Your opinion regarding DNA testing company MyHeritage exposes data of 92 million users