DNA Testing Company MyHeritage, Hacked: 92 Million Users Affected

(Credit: MyHeritage)

A security breach at genealogy website MyHeritage has leaked the data of over 92 million users, the company said on Monday. 

This follows only months after a major breach at Ancestry.com where over 300,000 users’ details were leaked. 

The breach actually took place in October last year, leaking details including users’ passwords and email addresses. The data discovered includes users who signed up for the service on or before 26. October, totalling 92,283,889 people.

The company became aware of the breach after a security researcher reached out to the company’s chief information security officer with “a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage,” the release says. 

Luckily, no credit card info, nor genetic data appears to have been collected. 

“This should serve as a serious wake-up all for all handlers of genetic data,” said Rashmi Knowles, EMEA Field CTO at RSA Security. “If your password is stolen, it can be updated, but this isn’t the case with genetic information — you only have one genetic identity, so if this is stolen there are potentially much more serious consequences.” 

“There’s even a possibility that hackers can amend or even delete genetic data in some cases, which could have serious implications for the victim and the level of healthcare or even health insurance they could access in the future,” Knowles said.

MyHeritage said it is investigating the breach and taking steps to engage an independent cybersecurity company to review the incident. 

All MyHeritage users are advised to change their passwords.