MyHeritage Data Breach Exposes Login Credentials of 92 Million Customers
MyHeritage, the Israel-based genealogy and DNA testing service, has reported a significant data breach that compromised the login credentials of more than 92 million users. The breach came to light on June 4, 2018, when an unnamed security researcher stumbled upon a database file named “myheritage” on a private server outside the company’s control and alerted MyHeritage officials.
Upon investigation, MyHeritage discovered that the exposed database contained the email addresses and hashed passwords of users who registered before October 27, 2017. While the company continues to analyze the breach for any signs of system exploitation, it has confirmed that sensitive information such as credit card details and family trees remain secure, as they are stored in separate, secure systems.
The company stated, “Credit card information is not stored on MyHeritage to begin with, but only on trusted third-party billing providers,” including BlueSnap and PayPal. Furthermore, MyHeritage assured users that sensitive data like family trees and DNA results are kept within segregated systems, fortified with additional security measures, thereby minimizing the risk of a similar breach.
Although initial examinations show no evidence of account compromise, MyHeritage urges all users to change their passwords. The company utilizes a hashing algorithm with unique salts to safeguard user passwords, enhancing their resilience against cracking attempts. To bolster security, MyHeritage is also planning to introduce two-factor authentication as an optional feature in the future.
In assessing how the breach may have occurred, it is plausible that techniques aligned with the MITRE ATT&CK framework were involved. Methods such as initial access and exploitation of vulnerabilities appear relevant, with attackers possibly leveraging phishing or leveraging inadequate security protocols to gain unauthorized entry into the database.
The company has engaged an independent cybersecurity firm to conduct a forensic investigation into the incident, ensuring a thorough and transparent review of the breach’s implications. As businesses increasingly navigate the complex landscape of cybersecurity, the MyHeritage incident serves as a potent reminder of the persistent risks faced in the digital realm.
For organizations, especially those handling sensitive customer data, this breach illustrates the critical importance of robust cybersecurity measures. Employing strategies consistent with the MITRE ATT&CK framework can offer invaluable guidance in fortifying systems against potential adversary tactics, whether they involve privilege escalation, persistence, or other forms of attack vectors. As cybersecurity threats evolve, maintaining vigilance and updating security protocols is paramount for safeguarding sensitive consumer information.
MyHeritage’s commitment to resolving this issue reflects the need for continuous improvement in cybersecurity practices. Business leaders are encouraged to adopt a proactive approach in evaluating their own defenses to mitigate similar risks in the future.
