Follow us:
  1. Home
  2. News
  3. Privacy

The Weekly Hack: Genealogy website downplays hack of 92 million users

MyHeritage says that it found ‘no evidence’ that the stolen data was used

Photo (c) ipopba - Getty Images
Services that claim to help consumers discover their ancestry have taken off in recent years, but is it wise to trust an online service with your DNA? The genealogy website MyHeritage admitted on Monday that data from more than 92 million user accounts was accessed.

MyHeritage is characterizing what happened as a “cyber security incident,” the term that has become the corporate world’s phrasing-of-choice to describe an apparent hack.

The stolen information included email addresses and encrypted passwords, though MyHeritage is downplaying the impact that the hack could have on consumer privacy. “There has been no evidence that the data in the file was ever used by the perpetrators,” the company said in a statement late Monday.

“We believe the intrusion is limited to the user email addresses...Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security,” the company added.

The breach took place in October 2017 but was not caught until January 4, according to the company.

MyHeritage, much like competitors 23andme and, offers a service in which users can submit a saliva sample for DNA analysis. 

Whether such services can be trusted with saliva samples and DNA information became a concern after police in California captured the so-called Golden State Killer earlier this year. Suspect Joseph James DeAngelo Jr. was arrested in April thanks in part to the genealogy site GEDMatch, authorities said. Police submitted a DNA sample from a crime scene to the site and said that it had matched the suspect’s DNA that they had already taken.


The online ticketing site Ticketfly announced on Thursday that hackers stole the names, addresses, email addresses, and phone numbers of 27 million customers, though Ticketfly said that users’ credit card information was safe.

Ticketfly’s site went briefly offline after it detected the hack. But with the site up and running again, the company is requiring all users to change their passwords as a precaution.

“Upon first learning about this incident we took swift action to secure the data of our clients and fans,” a company spokesperson told Variety.

Canadian Banks

Several weeks ago, Mexico’s biggest banks lost millions of dollars to cyber criminals, and now America’s neighbor north of the border is dealing with its own bank hacking woes.

Canada’s fourth and fifth largest banks have released statements admitting that so-called “fraudsters” stole personal and financial information belonging to bank customers.

A spokesman for the Bank of Montreal told Reuters that less than 50,000 customers had their data accessed. Simplii Financial, the other bank that was hacked, said that 40,000 clients had “certain personal and account information” accessed. The banks’ handling of the breach is now being scrutinized by lawmakers.

“When will the Liberals take action to protect Canadian consumers with a digital bill of rights and stop letting these companies off the hook?,” Canadian Member of Parliament Brian Masse said, pointing to a similar measures that currently protects consumers in the European Union.

The EU’s data protection laws are generally stricter and more consumer-friendly than those implemented in the rest of the world.

Travel site wasn’t actually hacked, but hackers are telling the site’s partner properties that attempts were being made to steal hotel cash and data on guests.

Scammers reportedly sent out emails and texts warning that had been hacked. The emails directed recipients to change their password by clicking on a link, which actually exposed all information that customers with hotel reservations had submitted through the site.

” this case, there has been no compromise on systems,” a spokesman told the Daily Mail. “This property has been targeted by phishing emails sent by cyber criminals and by clicking on those emails, the property compromised its account.”

Nevertheless, promised to compensate affected customers and hotels.


The cybersecurity firm Carbon Black has a new report detailing the full scope of cryptocurrency hacks that have become regular news stories.

According to company’s new research, cybercriminals stole a total of $1.1 billion in cryptocurrency over the past six months. Their method of choice is the “dark web,” or sections of the internet that are untraceable and only accessible via special software and above-average tech skills.

In an interview with CNBC, a Carbon Black strategist warns that it is “surprisingly easy” for hackers to steal cryptocurrency.  

Take an Identity Theft Quiz

Get matched with an Authorized Partner

    Share your comments