Data on the Loose: Recent Data Thefts Stealing Your History
While the news has been buzzing with the Garmin Ransomware debacle (a huge issue that we’ll tackle in a later, more thoughtful analysis), two other unrelated breaches have come to light that people need to be aware of and understand:
FAMILY TREE MAKER- The geneology software maker had an unsecured database server exposed to the Internet and it has leaded more than 25Gb of data on users of their software. This information included geolocation data, IP addresses, and technical details of users systems.
This drives home our advice of discouraging users from browsing/using work computers for home use. Technical details of some users work systems (along with their email addresses, location, etc) were no doubt in the data hault.
GEDmatch- This site aggregates DNA data from users and commercial DNA testing companies., and matches sequences to other users. Originally designed to assist researchers, amateur genealogists, and adoptees searching for birth parents, it has been referred to now as “the de facto DNA and geneology database for all of law enforcement.”
The latest breach of their internal systems, attackers were able to not only steal information on the almost 1.5 million users, but changed the settings on over 1 million accounts to make them accessible to law enforcement for searching against the express wishes of the GEDmatch site users. They also used information gleaned in the data theft to attack the Israeli partner of the company.
The information stolen in these two thefts alone are highly targeted and high-value data on individuals and potentially data on their employers computer networks. Anyone who has used either of these services should be on high alert for very targeted [phishing] emails trying to get you to click through to a web site, download a “new feature”, etc. Many computer and network security settings cannot adequately protect you from deliberately choosing to download and run malware, so user training and awareness is important.