Hackers target DNA profiles on major genealogy databases

GEDmatch breach results in phishing campaign targeting MyHeritage users


On July 19, users of the genealogy website GEDmatch were met by an unpleasant surprise when they logged in to the website. More than 1 million DNA profiles that were previously hidden from law enforcement were now available for police to search. Then, on July 21, MyHeritage announced some of its users were subjected to a phishing attack targeting their login credentials for the site. Email addresses targeted in the attack were the same ones stolen in the GEDmatch attack just two days earlier.

News of the breach comes months after Verogen purchased GEDmatch. At the time of the acquisition, Verogen told GEDmatch users it would protect their privacy but would also use genealogy to assist in solving violent crimes. Users who wished to remain anonymous could opt out of submitting their genetic information to law enforcement. 

These safeguards failed during the hack. According to GEDmatch, the data breach resulted in all user accounts being reset, making them visible to all GEDmatch users and law enforcement for about three hours.

“As a result of this breach, all user permissions were reset, making all profiles visible to all users. This was the case for approximately 3 hours,” the statement reads. “During this time, users who did not opt in for law enforcement matching were available for law enforcement matching and, conversely, all law enforcement profiles were made visible to GEDmatch users.”

Service at GEDmatch briefly resumed after the initial breach, but the site has since been taken offline and replaced with a message that reads, “The GEDmatch site is down for maintenance - Currently No ETA.”

In a statement, Verogen further explained, “We are working with a cybersecurity firm to conduct a comprehensive forensic review and help us implement the best possible security measures.” Verogen has also reported the hack to the authorities.

Though Verogen reassured its users that no user data was downloaded or compromised during the breach, this claim came into question on July 21 when MyHeritage warned its customers they may be targeted by an email phishing campaign. According to MyHeritage, the hackers got the users’ email addresses from the GEDmatch hack. 

The MyHeritage phishing campaign included a phishing email that sent users to a fake login page at the domain myheritaqe.com. This page was designed to harvest their usernames and passwords.
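The fake domain differs from the real one by a single character (q in place of g), which a mail or web filter can catch by comparing link hosts against the domains it protects. The sketch below is an added example, not code from MyHeritage or from this article; the function names, the distance threshold, the two-label domain shortcut and the sample URL paths are assumptions made for illustration.

```python
from urllib.parse import urlsplit

PROTECTED = ("myheritage.com",)  # legitimate domain named in the article

def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition ("ab" -> "ba") counts as one edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def registrable(host):
    # Assumption: the last two labels form the registrable domain.
    # Production code should consult the Public Suffix List instead.
    return ".".join(host.rstrip(".").split(".")[-2:])

def classify(url, max_distance=2):
    """Return (verdict, protected_domain) for the host a link points to."""
    host = urlsplit(url).hostname or ""  # hostname is already lower-cased
    dom = registrable(host)
    for legit in PROTECTED:
        if dom == legit:
            return ("legitimate", legit)
        # Near-miss spelling of the protected domain.
        if edit_distance(dom, legit) <= max_distance:
            return ("lookalike", legit)
        # Protected name used as a subdomain prefix of another domain.
        if (legit + ".") in host:
            return ("lookalike", legit)
    return ("unrelated", None)

# Constructed sample links; only the two domains come from the article.
SAMPLE_LINKS = [
    "https://www.myheritage.com/login",
    "https://www.myheritaqe.com/login",
    "https://myheritage.com.example.net/login",
    "https://example.org/",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(classify(link)[0], link)
```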

In a blog post, MyHeritage explained, “We suspect that the data breach on GEDmatch may have included theft of GEDmatch’s user database (at least email addresses and names of customers, perhaps more) and the perpetrators then proceeded to launch a phishing attack against those users from GEDmatch who are using MyHeritage, by sending them a phishing email to try to collect their passwords. It’s possible that the perpetrators did not retrieve the user database in the current breach but had it in their possession from an earlier intrusion into GEDmatch.”

According to MyHeritage, hackers lured 105 users to the fake website. Of those users, 16 were duped by the website and entered their login credentials.

What motivated these attacks remains unclear. Genealogists say they fear the security breaches may discourage individuals from putting their DNA profiles online, which could negatively impact the online genealogy community and efforts to solve cold cases.
