Gransnet forums


My Heritage site has been hacked

(2 Posts)
Floradora9 Fri 22-Feb-19 10:32:43

If you are a member change your password. I got this from
"have I been pwned" site who alert you to these things.

In October 2017, the genealogy website MyHeritage suffered a data breach. The incident was reported 7 months later after a security researcher discovered the data and contacted MyHeritage. In total, more than 92M customer records were exposed and included email addresses and salted SHA-1 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

NanaMacGeek Fri 22-Feb-19 16:18:26

The best protection in situations like this is to ensure that you use complex passwords and never use the same password twice.

At the moment hackers of MyHeritage have a list of scrambled passwords, together with the email address that goes with them. The simpler the password, the easier it will be to crack. SHA-1 as a certified encryption standard has been recognised as potentially vulnerable since 2005 and companies such as Microsoft, Google and Mozilla have been warning against its use, marking connections 'protected ' by it as unsafe since 2017.

Remembering multiple, complex passwords is beyond most of us mere mortals. I use a password manager to generate and store my passwords. I'm hoping that technology will soon make passwords unnecessary. But until then, if you keep using the same, simple password to access different sites, you will be vulnerable on all those sites.