Go Back  British Expats > General > The Lab
Reload this Page >

Another breach

Another breach

Old Jun 16th 2018, 9:57 am
  #1  
Dedicated European
Thread Starter
 
Joined: Mar 2017
Location: Buda
Posts: 4,328
Expatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond reputeExpatrick has a reputation beyond repute
Default Another breach

Just received this -
Dear Patrick,As one of our registered users, we bring to your attention that on June 4, 2018, at 1pm EST we became aware of a data breach involving 92.3 million email addresses of MyHeritage users, and their hashed passwords (these are not actual passwords).We learned about the breach when MyHeritage’s Chief Information Security Officer received a message from a security researcher that he had found a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage. Our Information Security Team received the file from the security researcher, reviewed it, and confirmed that its contents originated from MyHeritage and included all the email addresses of users who signed up to MyHeritage up to October 26, 2017, and their hashed passwords. We made a public announcement about the breach within 8 hours of learning about it.Your email address was one of the accounts in the data breach.Immediately upon receipt of the file, MyHeritage’s Information Security Team analyzed the file and began an investigation to determine how its contents were obtained and to identify any potential exploitation of the MyHeritage system. We determined that the file was legitimate and included the email addresses and hashed passwords of 92,283,889 users who had signed up to MyHeritage up to and including Oct 26, 2017 which is the date of the breach. MyHeritage does not store user passwords, but rather a one-way hash of each password, in which the hash key differs for each customer. This means that anyone gaining access to the hashed passwords does not have the actual passwords.The security researcher reported that no other data related to MyHeritage was found on the private server. There has been no evidence that the data in the file was ever used by the perpetrators. Since Oct 26, 2017 (the date of the breach) and the present we have not seen any activity indicating that any MyHeritage accounts had been compromised.We believe the intrusion is limited to the user email addresses. We have no reason to believe that any other MyHeritage systems were compromised. As an example, credit card information is not stored on MyHeritage to begin with, but only on trusted third-party billing providers (e.g. BlueSnap, PayPal) utilized by MyHeritage. Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security. We have no reason to believe those systems have been compromised.
Expatrick is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Contact Us Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.