07 Jun DNA Testing Firm Leaks Credentials of 92 Million Users
DNA testing company MyHeritage announced this week that a security researcher had discovered an unsecured file online that contained the email addresses and hashed passwords of 92 million users.
While MyHeritage assured the public that no DNA or genealogy data had been compromised, they urged users to change their passwords even though the company’s CIO Omer Deutsch said that anyone who has had access to the hashed passwords do not really have the actual passwords.
MyHeritage also says that it will try to expedite its two-factor authentication which will allow their users to authenticate via a mobile device in addition to a password.
Source: Krebs on Security