Tag Archive | Phishing

Hacking in the Genetic Genealogy World!

Jul23

There are so many security breaches and problems for us genetic genealogists to worry about these days! Why would anyone want your DNA data? I can understand wanting your credit card information, although these days those companies are quick to spot fraud. But why hack a DNA site? My DNA can tell you my eye color, blood type, and that I have no genetic diseases; but mainly it is useful for seeing who I match and finding out some information about my ethnicity. These sites do not have my social security number or birth date, plus most do not have my credit card numbers on file. Maybe it is a clever criminal wanting to know if there are any close matches to his DNA? Or a foreign country wanting to know if someone whose DNA they have is an American spy?

Hacker image from a photo  by Jefferson Santos on Unsplash

We have been suffering through several days of GEDmatch being down, due to being hacked, with no end it sight [UPDATE 25-Jul-2020: it’s back, yeah!]. I hate not being able to run some of their great tools. At least you can ask matches from Ancestry to upload to Family Tree DNA or MyHeritage in order to get the one to one comparisons.

The DNA Geek, Leah Larkin, reported that there have also been fishing emails sent pretending to be from MyHeritage where the G is replaced by a Q! So please don’t fall for any of those see https://thednageek.com/phishing-attempt-at-myheritage/

My Google News Alert had an article that claimed that Ancestry.com user information had been exposed via a cloud hack through the Family Tree Maker Software: https://siliconangle.com/2020/07/21/family-tree-maker-exposes-records-online-via-unsecured-elasticsearch-database/ However MacKeiv Software claims this is not so, and that they spotted the vulnerability before anyone was hacked: https://support.mackiev.com/349796-FAMILY-TREE-MAKER—Data-Security-Article

So I decided that having the same password at all my genealogy sites was not a good idea any more, even though I only use that password for genealogy and DNA. So I went around changing my passwords on those sites yesterday. It’s probably a good practice to change them every six months or so anyway.

Here is the email received yesterday from GEDmatch:
Continue reading