Hackers seem to have an insatiable craving for data. They chase just about anything where they can find a large chunk of user data. A couple of days ago, MyHeritage went through a similar incident as it has reported in its official blog. MyHeritage is an online genealogy website that allows users to create family trees and search and create historical records. It also serves as a DNA testing service. The customers can send them their saliva samples to get their genetic information.
92 Million MyHeritage Accounts’ Data Found On External Servers
As the company states in the blog post, a security researcher informed them of a possible data breach upon discovering something serious. He found a file named as ‘myheritage’ on an external server that contained email addresses and hashed passwords. Being dubious, he shared the information with the security team of MyHeritage, which then confirmed that the data actually belonged to their users. The file contained details of 92 million users who signed up on their website up to October 26, 2017.
The file allegedly contained users’ email addresses and hashed passwords. Fortunately, the firm never saves passwords of their users. Rather they store a ‘one-way hash’ for each password of every individual customer. Therefore, the hackers couldn’t succeed in extracting real passwords.
Besides, it also confirms the safety of other information.
“We believe the intrusion is limited to the user email addresses. We’ve no reason to believe that any other MyHeritage systems were compromised.”
Moreover, as confirmed by the security researcher, the data seems not used anywhere by the culprits.
MyHeritage Takes Quick Actions To Subside The Data Breach
Although the leaked data had no sensitive information about their users, the organization seems concerned about their users’ privacy and have set up an investigative team to dig out the matter. They are also working out a two-factor authentication to facilitate their users in maintaining their confidentiality.
“We will be expediting our work on the upcoming two-factor authentication feature that we will make available to all MyHeritage users soon.”
They have also set up a 24/7 customer support for the convenience of their customers. Anyone having concerns about this incident can contact them via the email address or their official contact number to discuss the matter.
They also advise their customers to change their passwords as a precaution. Moreover, they repeat the same advice which serves as first-line of defense regarding cybersecurity – never set up the same password for multiple sites.
Let us know your thoughts in the comments below.