The only data effected included email addresses and hashed passwords. While the breach was only recently reported on, it originally occurred in late October 2017. MyHeritage was only made aware of it when a security provider found data on an external private server. Since the attack, there is no evidence that the hackers used the data in a malicious way.
MyHeritage is an Isreali genealogy platform where users can create family trees and browse photos of distant family members.
In a comment MyHeritage said, “Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added levels of security.”
Since the attack, the firm has introduced an Information Security Incident Response team that will solely focus on the investigation of the breach. Furthermore, they have hired an external cybersecurity to conduct a thorough analysis of their security systems. Also, they have alerted the necessary authorities as per new found European Legislation GDPR. Finally, MyHeritage suggests that all users should take precautionary measures and change their password.
MyHeritage reported on this incident in a blog that can be found here.
To prevent a similar situation from happening to your business feel free to reach out and see we can solve your cybersecurity needs.