Uppgifterna, e-postadresser och krypterade lösenord hittades först på en privat server, utanför MyHeritage. Nu bekräftas att det handlar om alla användare som registrerat sig för släktforskningstjänsten mellan 2003 och till oktober 2017.
Enligt MyHeritage så har övrig information och andra delar av systemet inte hackats och därför ska inte information om betalningar, DNA-information och annan data inte ha stulits. MyHertrage uppger att de anlitat ett säkerhetsföretag för att utreda händelsen ytterligare.
Today, June 4, 2018 at approximately 1pm EST, MyHeritage’s Chief Information Security Officer received a message from a security researcher that he had found a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage. Our Information Security Team received the file from the security researcher, reviewed it, and confirmed that its contents originated from MyHeritage and included all the email addresses of users who signed up to MyHeritage up to October 26, 2017, and their hashed passwords.
MyHeritage skriver vidare på sin blogg att de inte har hittat tecken som tyder på att information har använts till något eller att det alltså ska finnas skäl till att tro att mer information eller fler konton har stulits.
We believe the intrusion is limited to the user email addresses. We have no reason to believe that any other MyHeritage systems were compromised. As an example, credit card information is not stored on MyHeritage to begin with, but only on trusted third-party billing providers (e.g. BlueSnap, PayPal) utilized by MyHeritage. Other types of sensitive data such as family trees and DNA data are stored by MyHeritage on segregated systems, separate from those that store the email addresses, and they include added layers of security. We have no reason to believe those systems have been compromised.
0 kommentarer