Data leak: Thousands of police data exposed
Hit by a security breach, an American site, leaked millions of apartment information to the U.S. police.
These are several DNA profiles, concerning several individuals involved in investigations carried out or ongoing by the police authorities.
This article will also interest you: The "BlueLeaks": the huge leak of data from the American police
The security breach was caused by a computer attack. It is when the parameters are updated, GEDmatch, a genealogical site, unfortunately left free access to police data, especially the genetic information of users, who mostly did not consent.
The incident took place on July 20. Victims of the data leak were contacted by the platform to be informed of the problem that was taking place at the time of the security breach. As mentioned above, the information processed by the platform is quite sensitive. The advantage offered by the platform allows its clients after defining a DNA profile to do research in order to be able to find other profiles corresponding to its genealogy. This can lead to the return of families, or relatives who have been lost for years. This also implies that several thousand DNA profiles are compiled there.
And of course it's a platform that has an interest in law enforcement, who have already used this information during a 2018 investigation into the "Golden State killer" case. An adventure that lasts nearly four decades, which has seen police investigating in order to find a person responsible for more than 13 murders. The investigation took a turn when data provided by GEDmatch, a permit to identify a distant cousin, immediately uncovered the identity of the wanted individual named Joseph DeAngelo, who was 72 years old at the time. He pleaded guilty at his trial.
After the events that concerned the murderer, the platform introduced a new possibility to its customers to be able to allow the police authorities or not. Of the 1.45 million people registered on the platform, only 280,000 customers gave their consent according to BuzzFeed's report.
However, on 19 July, the platform suffered a computer attack, endangering thousands of genetic data, but also allowing the police to access it without users' permission. "As a result of this intrusion, all user settings have been reset," GEDmatch said on Facebook. "This has made all profiles visible to all users. This lasted about three hours. During this period, users who had not activated the function that allows the police to compare their genetic data still saw their data accessible. ».
For the time being, the extent of the data that the US police could have accessed has not yet been determined by the platform or by the American press. But it is certain that the latter will make the most of this situation to make several comparisons of genetic profile, which is in reality could never have been accessible in normal times. However, on the GEDmatch side, we claim to have observed nothing unusual even though it seems little problem. Subsequently, on July 20, another computer attack hit the platform. But things had changed, the data was no longer available to the police. The site will remain offline throughout the day of July 33. The company mentioned a need for maintenance.
But that's not all. According to L'Héritage, another genealogy site, warned its customers that they could be targeted by phishing campaigns, which would also be the case for GEDmatch customers. Clearly, the troubles are not over at all. "We found out after talking to the people who received this email that everyone uses GEDmatch. Since GEDmatch was the victim of an intrusion two days ago, we suspect that this is how the authors retrieved their email addresses," noted M MyHeritage
According to MyHeritage, sixteen people were caught out of the 105 people targeted by the phishing campaign. The platform announces that it has tried to contact them, asking them to change passwords.
GEDmatch, for its part, defends itself in the face of the accusations. The platform stresses that it has "no evidence to suggest that this phishing campaign is the result of this week's intrusion." As early as July 20, the company stated that "no data had been downloaded or compromised." It assures that it will continue its investigations to determine if there are other problems to be observed and addressed.
Now access an unlimited number of passwords:
