Over 92 million account details from genealogy and DNA testing service MyHeritage were found on a private server, according to a release made by the company on Monday.
According to the release, the breach occurred on October 26th, 2017, and the data discovered includes users who signed up for the service on or before that date, totaling 92,283,889 people.
MyHeritage is an Israel-based ancestry platform where users can create family trees and search through familial and historical records.
MyHeritage became aware of the breach after a security researcher reached out to the company’s chief information security officer with “a file named myheritage containing email addresses and hashed passwords, on a private server outside of MyHeritage,” the release read. According to the researcher, no other data was discovered on the server.
Other data, like the DNA data and credit card information, is stored in a separate system from those that house the username and email information. The company said there’s no reason to believe that the more sensitive information was breached.
MyHeritage has since set up a response team that is investigating the incident and is “taking immediate steps to engage a leading, independent cybersecurity firm” to look into the scope of the breach.
Correction 6/5/2018 2:55PM EST: This headline has been corrected to clarify that email account details were leaked, and not information regarding user DNA.