+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 
  • Home
  • Enterprise
  • Genealogy site MyHeritage discovered passwords of 92 million accounts on a private server, but says the data was encrypted

Genealogy site MyHeritage discovered passwords of 92 million accounts on a private server, but says the data was encrypted

Rachel SandlerJun 6, 2018, 00:39 IST

myheritage

Advertisement
  • A security researcher informed DNA testing and genealogy website MyHeritage that a file with 92 million user email addresses and scrambled passwords were found on a server outside of the company.
  • MyHeritage does not believe the information was actually used by the perpetrators.
  • Credit card information, family trees, and DNA data were not part of the breach, the company says.

A data breach has exposed 92 million accounts on DNA testing and genealogy website MyHeritage, the company said on Tuesday.

The breach was discovered by a security researcher who notified MyHeritage on Tuesday that a trove of email addresses and hashed passwords were sitting on a private server somewhere outside of the company. Because the passwords were hashed, the actual passwords weren't exposed - hackers only got access to a scrambled string of text compiled by crytogaphic algorithms.

MyHeritage said that the hashing is "one-way," meaning that it is almost impossible to turn the hashed password back into the original. And each hash key, which could be used to revert the hashed passwords back, differs for each user.

The Israeli-based MyHeritage lets people send in swabs of DNA to uncover their ethnic origins and family history.

Advertisement

The 92,283,889 million accounts present on the server included users who signed up for the service up until Oct. 26, 2017, the date MyHeritage believes the breach occurred. The company said it does not have evidence that any information was actually used by those responsible for the breach.

"There has been no evidence that the data in the file was ever used by the perpetrators," the company said. "Since Oct. 26, 2017 (the date of the breach) and the present we have not seen any activity indicating that any MyHeritage accounts had been compromised."

More sensitive information, such as credit card information, family trees, and DNA data, are stored in a different place than email addresses and passwords, and MyHeritage believes that information was never compromised.

In response the the incident, MyHeritage is rolling out two-factor authentication, which lets users login using a code sent to a mobile device in addition to a password.

NOW WATCH: This one-of-a-kind snowboard is filled with LEDs

You are subscribed to notifications!
Looks like you've blocked notifications!
Latest Stories
Coldplay concert 2025 signals massive travel boom; triggers 33x increase in Mumbai hotel searches: Agoda
Apollo Green Energy to go public next year – aims to build ₹10,000 crore project portfolio
Singham Again passes the ‘Monday test’ — Here's the first-weekend box office breakdown
₹1.89 lakh per month for summer internship! Freshers at this institute bag bumper monthly stipend
Happy Chhath Puja 2024: Heartfelt wishes, messages, and status updates to share on WhatsApp and Facebook
Trending News
Next Article
Next Story
Popular Categories
Trending Right Now

Copyright @ 2024. Times Internet Limited. All rights reserved.For reprint rights. Times Syndication Service.