The website allows users to create family trees, search historical records, and look for possible relatives. The company said that it seems as though email addresses were the only data affected and no evidence suggests that the data was used for any nefarious objective.
The company emphasized that it does not store sensitive information, like user DNA data or family information, on the same system where it stores user email addresses.
MyHeritage said Monday in a blog post that the breach involved roughly 92 million user accounts that were created through October of a year ago. We also asked for more information on the unidentified security researcher and where the stolen data was found. Rafi Mendelsohn, MyHeritage's director of PR and social media responded by email, saying only that: "We are investigating that right now and plan to have updates on the blog over the next few days". Last month, news that investigators tracked down their suspect in the case of the Golden State Killer sparked worry about the privacy of genetic data shared with commercial sites such as MyHeritage. We have no reason to believe those systems have been compromised.
Damage seems to be limited to customer email addresses. "In many cases, the best practices for security are not being used". They're mainly damaging in connection with other data. That does not tend to allay consumer anxiety, experts say.
Designer Raf Simons and Supreme win at CFDA Fashion Awards
Kardashian, meanwhile, was in attendance at the award ceremony where she accepted the first CFDA Influencer Award . The KKW Beauty creator received the Influencer Award that evening.
Donald Trump says he can pardon himself. Can he?
The president's power can only be used to pardon someone for a federal crime, not a state one, according to a report in PBS . Even Trump's attorney, Rudy Giuliani , didn't appear to be 100-percent certain on Sunday .
Google scrubs United States military contract following protest by employees
Google's involvement in the controversial Project Maven aims to speed up the analysis of drone footage. And Google employees reportedly didn't agree with the company's decision to participate.
"There has been no evidence that the data in the file was ever used by the perpetrators", said Omer Deutsch, the company's chief information security officer in a blog post, adding that the company has not seen any indication that the accounts had been compromised. It's also working with an independent cybersecurity firm, which will conduct reviews to determine the scope of the breach and offer suggestions on preventing something like this from happening again.
In response the the incident, MyHeritage is rolling out two-factor authentication, which lets users login using a code sent to a mobile device in addition to a password.
The company said it doesn't store user passwords, and instead stores a one-way hash of every password, in which the hash key is different for every customer.