MyHeritage Breach Could Affect 92.3 Million Users

MyHeritage Breach Could Affect 92.3 Million Users

June 12, 2018         Written By Lynn Oldshue

Genealogy websites have grown in popularity over the years. To help users trace their genetic roots, these companies offer services ranging from document searches to DNA testing.

One of these businesses, MyHeritage, recently reported a data breach that could have affected 92.3 million users. MyHeritage was made aware of the breach when a security researcher contacted the Chief Information Security Officer. The researcher sent along a file that he had found on a private server, and MyHeritage determined the email addresses and hashed passwords were from their server.

Anyone who signed up before October 26, 2017 could have been affected.

MyHeritage believes the breach is limited to email addresses and hashed passwords.

“We have no reason to believe that any other MyHeritage systems were compromised. As an example, credit card information is not stored on MyHeritage to begin with, but only on trusted third-party billing providers (e.g. BlueSnap, PayPal) utilized by MyHeritage. Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security. We have no reason to believe those systems have been compromised,” the company reported on its website.

Since discovering the breach on June 4, the company has taken steps to help users secure their accounts. Even though the passwords were hashed, the company has expired passwords to force users to create a new password.

They have also advised users to take an abundance of caution and change their passwords on any other sites where they may have used the same password. Most security experts recommend people use a different password for every account so if one password is stolen, it will not affect other accounts.

MyHeritage is also asking users to enable two-factor authentication. With two-factor authentication, any time a user attempts to access the site from a new computer, tablet or phone, or if it has been more than a month since they last logged on, they will receive a verification code on their phone which must be entered to log-in.

The company is still in the process of contacting users, so customers have been advised to wait patiently if they have not yet received an email.

The information contained within this article was accurate as of June 12, 2018. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Lynn Oldshue

Lynn Oldshue has written personal finance stories for for twelve years. She majored in public relations at Mississippi State University.
View all posts by Lynn Oldshue
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back