Author Topic: GEDmatch Security Breach 19 July 2020  (Read 2113 times)

Offline Romilly

  • RootsChat Marquessate
  • *******
  • Posts: 5,428
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #18 on: Wednesday 22 July 20 14:09 BST (UK) »
This is very annoying, as I was planning to delete my kits from Gedmatch, and now I can’t get on the Site at all:-(

I have also heard that there’s also been a data breach on the My Heritage Site too...

Romilly.
Any census information included in this post is Crown Copyright, from www.nationalarchives.gov.uk
Researching:
Wilson, Warren, Dulston, Hooper, Duffin, Petty, Rees, Davies, Williams, Newman, Dyer, Hamilton, Edmeads, Pattenden.

Offline Gadget

  • RootsChat Marquessate
  • *******
  • Posts: 57,131
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #19 on: Wednesday 22 July 20 15:07 BST (UK) »


I have also heard that there’s also been a data breach on the My Heritage Site too...

Romilly.

I think it's if you click on an e-mail from My Heritage spelt with a Q rather than a G

See previous link:


https://thednageek.com/phishing-attempt-at-myheritage/

Census &  BMD information Crown Copyright www.nationalarchives.gov.uk and GROS - www.scotlandspeople.gov.uk

***Restorers - Please do not use my restores without my permission. Thanks***

Offline ms_canuck

  • RootsChat Member
  • ***
  • Posts: 148
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #20 on: Wednesday 22 July 20 16:33 BST (UK) »
I received an email from GEDMatch today advising that they have temporarily closed their site due to a security breach 'orchestrated through a sophisticated attack on one of our servers via an existing user account'.  As a result, 'all user permissions were reset, making all profiles visible to all users' for approximately 3 hours.  The hackers switched the opt-out to law enforcement matching so that everyone was 'opted in' and then GEDmatch discovered a second breach that reversed the opt-out so that no profiles were visible for law enforcement matching.

They assure me that my 'DNA information was not compromised, as GEDmatch does not store raw DNA files on the site'.

They are working with a 'leading cybersecurity firm to conduct a comprehensive forensic review' and to help them 'implement the best possible security measures'.  The incident(s) have been reported to the appropriate authorities. 

Today they were informed that 'customers of MyHeritage who are also GEDmatch customers were the target of a phishing scam'.  They don't know at this point if this was the result of the breach.  They caution against opening suspicious emails and give their correct email and phone number.  The email is signed by the CEO of Verogen Inc., Brett Williams.

So what else will 2020 bring us!  Not a question any of us really want an answer to right???

Regards all

Ms_C
[Edit:  Thanks for moving my post here.  I did search, but didn't find this thread.]
1. Paul - Guernsey 1801
2. Ettenton / Eltenton - Guernsey 1806

Offline Pheno

  • RootsChat Aristocrat
  • ******
  • Posts: 1,990
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #21 on: Wednesday 22 July 20 16:40 BST (UK) »
Oh blast, I have just responded to my first evr MyHeritage message - although I did find the person on Ancestry too so hopefully it is genuine.

Pheno
Austin/Austen - Sussex & London
Bond - Berkshire & London
Bishop - Sussex & Kent
Holland - Essex
Nevitt - Cheshire & Staffordshire
Wray - Yorkshire


Offline Romilly

  • RootsChat Marquessate
  • *******
  • Posts: 5,428
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #22 on: Wednesday 22 July 20 16:44 BST (UK) »

Thanks Gadget.

Romilly.
Any census information included in this post is Crown Copyright, from www.nationalarchives.gov.uk
Researching:
Wilson, Warren, Dulston, Hooper, Duffin, Petty, Rees, Davies, Williams, Newman, Dyer, Hamilton, Edmeads, Pattenden.

Offline Flemming

  • RootsChat Veteran
  • *****
  • Posts: 913
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: GEDmatch Security Breach 19 July 2020
« Reply #23 on: Wednesday 22 July 20 16:55 BST (UK) »
Ongoing thread here...

Moderator Comment: Topics Merged


Offline Zaphod99

  • RootsChat Senior
  • ****
  • Posts: 261
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: GEDmatch Security Breach 19 July 2020 Back on line
« Reply #24 on: Saturday 25 July 20 18:15 BST (UK) »
I just logged in to GEDMatch, currently with the following warning

"We have completed a thorough review of the site for security vulnerabilities and have made changes where appropriate to ensure the security of your data. If you note any issues that are of concern, please submit a request tracker ticket for resolution. For our Tier 1 members we will be extending your membership by 1 week."

Zaph

Offline melba_schmelba

  • RootsChat Aristocrat
  • ******
  • Posts: 1,649
  • Census information Crown Copyright, from www.nationalarchives.gov.uk
    • View Profile
Re: GEDmatch Security Breach 19 July 2020 Back on line
« Reply #25 on: Saturday 01 August 20 19:17 BST (UK) »
Seems to have been offline again for almost 24 hours, and no updates whatsoever on the Facebook page.

https://www.facebook.com/officialGEDmatch/

UPDATE: Now back up again ::)


Offline Liviani

  • RootsChat Veteran
  • *****
  • Posts: 576
    • View Profile
Re: GEDmatch Security Breach 19 July 2020 Back on line
« Reply #26 on: Sunday 02 August 20 19:10 BST (UK) »
Seems to have been offline again for almost 24 hours, and no updates whatsoever on the Facebook page.

https://www.facebook.com/officialGEDmatch/

UPDATE: Now back up again ::)

It's down again, and no update on their Social Media page.

I am getting increasingly frustrated with the lack of communication from Verogen. It just goes down, we don't know why and they don't tell us.
I would understand if it was still in the hands of a couple of people as before, but it's not now.

mtDNA subclade K1b2b. Father's Y-DNA I-S25383
GEDmatch kit; CF7867455
Father's kit; RY1336515
Mother's kit; AF2312865


Kincardineshire
Sheret, Hosie, Valentine, Crow, Beattie, McArthur, Wyllie.
Angus (Forfarshire)
Adam, Valentine, Ewan, Elder, Guild, Kydd, Bradford, Stronner, Gibson, Cloudsley, Evans, Stewart, Stott.
Perthshire
Small, Robertson, Murray, Kennedy, McGregor
Ross & Cromarty
Cameron, Stewart, Grant
Banffshire - Gamrie
Anderson, Massie