MyHeritage -- a website that helps people research their family tree and also offers a DNA testing service -- has suffered a "cybersecurity incident". A file containing the usernames and hashed passwords of more than 92 million users was discovered on an external server by a security researcher.
The file was found to be genuine and MyHeritage is now undertaking an investigation to determine what happened. The security breach affects all users who signed up to the site up to October 26, 2017. The company says that it is taking steps to inform the relevant authorities in line with GDPR.
It seems that MyHeritage fell victim to a hack attack in late October last year, and it was at this point that the details of 92,283,889 users appear to have been stolen. The company says that there is no indication that the data has been used and it stresses: "MyHeritage does not store user passwords, but rather a one-way hash of each password, in which the hash key differs for each customer. This means that anyone gaining access to the hashed passwords does not have the actual passwords."
Full story at Betanews.
By Mark Wycislik -Wilson.
No comments:
Post a Comment