
Hackers target DNA profiles on major genealogy databases

GEDmatch breach results in phishing campaign targeting MyHeritage users


On July 19, users of the genealogy website GEDmatch were met by an unpleasant surprise when they logged in to the website. More than 1 million DNA profiles that were previously hidden from law enforcement were now available for police to search. Then, on July 21, MyHeritage announced some of its users were subjected to a phishing attack targeting their login credentials for the site. Email addresses targeted in the attack were the same ones stolen in the GEDmatch attack just two days earlier.

News of the breach comes months after Verogen purchased GEDmatch. At the time of the acquisition, Verogen told GEDmatch users it would protect their privacy but would also use genealogy to assist in solving violent crimes. Users who wished to remain anonymous could opt out of submitting their genetic information to law enforcement. 

These safeguards failed during the hack. According to GEDmatch, the data breach resulted in all user accounts being reset, making them visible to all GEDmatch users and law enforcement for about three hours.

“As a result of this breach, all user permissions were reset, making all profiles visible to all users. This was the case for approximately 3 hours,” the statement reads. “During this time, users who did not opt in for law enforcement matching were available for law enforcement matching and, conversely, all law enforcement profiles were made visible to GEDmatch users.”

Service at GEDmatch briefly resumed after the initial breach, but the site has since been taken offline and replaced with a message that reads, “The GEDmatch site is down for maintenance - Currently No ETA.”

In a statement, Verogen further explained, “We are working with a cybersecurity firm to conduct a comprehensive forensic review and help us implement the best possible security measures.” Verogen has also reported the hack to the authorities.

Though Verogen reassured its users that no user data was downloaded or compromised during the breach, this claim came into question on July 21 when MyHeritage warned its customers they may be targeted by an email phishing campaign. According to MyHeritage, the hackers got the users’ email addresses from the GEDmatch hack. 

The MyHeritage phishing campaign included a phishing email that sent users to a fake login page at the domain myheritaqe.com. This page was designed to harvest their usernames and passwords.
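A defender-side check for the lookalike-domain technique described above, as an added example that is not from IT Pro, MyHeritage or GEDmatch: it extracts link hosts from an email body and flags any that sit within a small edit distance of a protected domain. The function names, the distance threshold of 2 and the sample email are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

PROTECTED = {"myheritage.com"}          # legitimate domain(s) to defend
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample email body; only the two domains come from the article.
SAMPLE_EMAIL = """Dear member, please confirm your account:
https://www.myheritaqe.com/login
Help is available at:
https://www.myheritage.com/help
"""

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host, protected=PROTECTED, max_dist=2):
    """Return (verdict, protected_domain) for one hostname."""
    labels = host.lower().rstrip(".").split(".")
    # Compare every label suffix so www.<domain> is judged on <domain>.
    cands = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    for c in cands:
        if c in protected:
            return ("legitimate", c)
    for c in cands:
        for p in protected:
            if 0 < edit_distance(c, p) <= max_dist:
                return ("lookalike", p)
    return ("unrelated", None)

def scan_email(body):
    """List (host, impersonated_domain) for every lookalike link in body."""
    findings = []
    for url in URL_RE.findall(body):
        host = urlsplit(url).hostname or ""
        verdict, brand = classify_host(host)
        if verdict == "lookalike":
            findings.append((host, brand))
    return findings

if __name__ == "__main__":
    print(scan_email(SAMPLE_EMAIL))
```
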

In a blog post, MyHeritage explained, “We suspect that the data breach on GEDmatch may have included theft of GEDmatch’s user database (at least email addresses and names of customers, perhaps more) and the perpetrators then proceeded to launch a phishing attack against those users from GEDmatch who are using MyHeritage, by sending them a phishing email to try to collect their passwords. It’s possible that the perpetrators did not retrieve the user database in the current breach but had it in their possession from an earlier intrusion into GEDmatch.”

According to MyHeritage, hackers lured 105 users to the fake website. Of those users, 16 were duped by the website and entered their login credentials.

What motivated these attacks remains unclear. Genealogists say they fear the security breaches may discourage individuals from putting their DNA profiles online, which could negatively impact the online genealogy community and efforts to solve cold cases.
