My Heritage security breach

A place for general and off-topic chat amongst researchers. Please ensure that all posts remain suitable for a family audience.

Moderators: admin, Northern Lass, peterd

My Heritage security breach

Postby rockyfowler » Thu Feb 21, 2019 7:25 am

';-- have i been pwned?
You've been pwned!
You signed up for notifications when your account was pwned in a data breach and unfortunately, it's happened. Here's what's known about the breach:

Email found: -------- (my e mail :cry: )
Breach: MyHeritage
Date of breach: 26 Oct 2017
Number of accounts: 91,991,358
Compromised data: Email addresses, Passwords
Description: In October 2017, the genealogy website MyHeritage suffered a data breach. The incident was reported 7 months later after a security researcher discovered the data and contacted MyHeritage. In total, more than 92M customer records were exposed and included email addresses and salted SHA-1 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

2 Steps to Better Password Security
Monitoring Have I Been Pwned for data breaches is a great start, now try these next 2 steps to protect all your accounts:

1Password
Step 1: Protect yourself with strong, unique passwords for each website with the 1Password password manager

1Password
Step 2: Enable 2 factor authentication and store the codes inside your 1Password account

You can also run a search for breaches of your email address again at any time to get a complete list of sites where your account has been compromised.

Check my email address again
Why are you only hearing about this now? Whilst the breach occurred in October 2017, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly. Have I Been Pwned will always attempt to alert you ASAP, it's just a question of how readily available the data is.

Please note that it is not possible to retrieve the passwords themselves from HIBP. If you don't want to receive any future breach notifications, just click here to unsubscribe.

Donate to Have I Been Pwned
If you loved this free service and want to know what goes into making it possible, have a read of the donations page. Buy me a coffee or a beer or just some time with the kids at a movie.

haveibeenpwned.com

A troyhunt.com project
“You know you’re getting old when you stoop to tie your shoelaces and wonder what else you could do while you’re down there.” ― George Burns
rockyfowler
 
Posts: 6376
Joined: Sun Feb 15, 2009 3:35 pm

Re: My Heritage security breach

Postby SRD » Thu Feb 21, 2019 7:57 am

I was informed of the security breach some time ago, not in 2017 admittedly but MyHeritage didn't find out about it 'til some time later.
Currently investigating the Hillmans of Sussex.
User avatar
SRD
 
Posts: 2441
Joined: Tue Jan 04, 2011 5:34 pm
Location: Wiltshire


Return to The Snug

Who is online

Users browsing this forum: No registered users and 2 guests