Hackers have targeted users of genetic genealogy sites, an attack that changed one of the site's privacy settings to enable law enforcement to see all profiles, Buzzfeed News reports.
According to Buzzfeed News, the hackers made more than one million profiles at the genetic genealogy website GEDmatch that were hidden from law enforcement visible to them. Following increased privacy concerns over police use of genetic genealogy databases, GEDmatch changed its terms and conditions in May 2019 to opt users out of police searches, an option users could then change if they wanted.
It adds that GEDmatch, which was purchased by Verogen in December 2019, said in a statement to users that permissions were affected for about three hours but that no user data was compromised.
However, Buzzfeed News adds that a phishing attack then targeted MyHeritage customers who also had GEDmatch accounts, by sending them to a fake login page in an apparent attempt to obtain their usernames and passwords.
It notes that the goal of the attacks are not known, but Colleen Fitzpatrick from Identifinders International tells it that the hackers may have been "joyriding."