A Security Breach Exposed More Than One Million DNA Profiles On A Major Genealogy Database

For anyone that's used any family ancestory services this may be alarming but a large breach at two different such places exposed the profiles and details of over 1 million people publically as well as opting in all profiles to be searchable by law enforcement. For about three hours this data was available to anyone that happened to look.

www.buzzfeednews.com...

First GEDmatch, the DNA database that helped identify the Golden State Killer, was hacked. Then email addresses from its users were used in a phishing attack on another leading genealogy site.

Suddenly, more than a million DNA profiles that had been hidden from cops using the site to find partial matches to crime scene DNA were available for police to search

The news has undermined efforts by Verogen, the forensic genetics company that purchased GEDmatch last December, to convince users that it would protect their privacy while pursuing a business based on using genetic genealogy to help solve violent crimes.

A second alarm came on July 21, when MyHeritage, a genealogy website based in Israel, announced that some of its users had been subjected to a phishing attack to obtain their log-in details for the site

As a result of this breach, all user permissions were reset, making all profiles visible to all users. This was the case for approximately 3 hours,” the statement said. “During this time, users who did not opt in for law enforcement matching were available for law enforcement matching and, conversely, all law enforcement profiles were made visible to GEDmatch users.”

a reply to: dug88

Ohh boy,
Mothers maiden names galore

Watch out for extortion rackets to threaten people with 5%+ Neanderthal DNA 🦃🚬

This is why I will never use those sites. Ever.

Well now, that is information on over a million people. Where is the printer set up at?

"She is pretty. I will take five of her and a couple of that guy for guards. He looks like he could throw a small car if needed."

Shocked shocked I say... these hacks stopped surprising me after the ORM, and Equifax hack major companies with more than enough money to have serious security failed at a very basic level of cyber security.

Or my favorites that I wasnt a victim of, (like the two I mentioned) had a music major as the cyber security boss...

a reply to: dug88

Yeah.

Organ donors identified.

Just a thought.

And yet Bill Gates pushes on with his all in one injectable microchips for finance, health care and where you are allowed to go. What kind of mess is that going to make when that gets hacked and information leaks?

originally posted by: HalWesten
This is why I will never use those sites. Ever.

What sucks is it doesn't matter if you do or don't.

The chances one of your close relatives (even cousin) has is pretty good. Public records could have a smart person with a safe guess to a lot of your DNA attributes if they have someone on both sides of your family.

This is why I always hated the idea of lackadaisical and almost novel DNA services. Looking at the price point they're charging, it leaves far too much room for them to look for other revenue streams. While breached security is certainly alarming, I'm also concerned insurance companies start hitting them up, or even minority report like "justice" agencies profiling us.

a reply to: CriticalStinker

That's my biggest issue with them. Nothing stops them from selling off your genetic information. So, basically they can profit off your body without you ever getting anything out of it.