Account names and passwords for DNA analysis are out on the street
A genealogy and DNA research service, MyHeritage, has a data breach. The email addresses and passwords of 92 million accounts were stolen last year. DNA data has not been stolen.
MyHeritage received a notification Monday that a file containing information about its users was online on a private server. After an investigation, the service did indeed find a file containing the email addresses and password hashes of a total of 92,283,889 users.
It concerned all users of the service who had registered up to October 16. On that day, malicious parties managed to penetrate MyHeritage’s systems and siphon the data. The service reports that there are no indications that the data has been misused.
The service also says that the data on family tree research and DNA analysis are on systems other than those with the e-mail addresses and that they are extra secured. MyHeritage does not believe that other systems have been compromised.
The service advises users to change their passwords and claims to accelerate two-step authentication. MyHeritage offers family tree research and provides a DNA kit for collecting cheek mucus for a fee.