Israel-based online genealogy platform, MyHeritage has recently revealed that last year the company’s official website was breached by unknown attackers, who flicked login credentials of more than 92 million customers. The company became aware of the hack on 4th June when a security researcher discovered a database file called "myheritage” on a private server which was located outside the company and he shared it with MyHeritage team.
The analysis of the “myheritage” file found in the database unearthed that the file had email addresses and hashed passwords of almost 92.3 million users and those were the customers, who signed up before 27th October 2017.
According to the MyHeritage team, the investigation of the breach is under process trying to identify potential exploitation of its system. Also, the company confirmed that no other data such as credit card details and family trees, genetic data were breached and is stored on a different system.
According to a MyHeritage blog post:
"Credit card information is not stored on MyHeritage, to begin with, but only on trusted third-party billing providers utilized by MyHeritage. Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security. We have no reason to believe those systems have been compromised."