Website Security Breach Exposes 1 Million DNA Profiles

A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.

GEDmatch said in a message emailed to members and posted Wednesday on its Facebook page that on Sunday a “sophisticated attack” on their servers through an existing user account made the DNA profiles of its members available for police to search for about three hours.

“We became aware of the situation a short time later and immediately took the site down,” GEDmatch said.

GEDmatch briefly resumed but shut down again after it was the target of a second breach on Monday when all user permissions were set to opt-in to law enforcement matching, the company said.

“We can assure you that your DNA information was not compromised, as GEDmatch does not store raw DNA files on the site,” the company said. “When you upload your data, the information is encoded and the raw file deleted. This is one of the ways we protect our users’ most sensitive information.”

The company said it was informed Tuesday that customers of MyHeritage, an Israel-based genealogy website, that are also GEDmatch users were the target of a phishing scam.

The site remained down on Thursday with a message reading “The gedmatch site is down for maintenance. Currently no ETA for availability.”

GEDmatch made headlines in 2018 when it helped investigators in California identify Joseph James DeAngelo, also known as the Golden State Killer. DeAngelo is suspected of being the sadistic attacker who killed 13 people and raped nearly 50 women in California during the ’70s and ’80s.

DeAngelo last month pled guilty to dozens of crimes in return for being spared the death penalty.

As of 2019, than 1.2 million people have used GEDmatch’s free service to upload data profiles from different DNA testing companies such as Ancestry and 23andme, and compare their autosomal DNA data files with others, KPIX-TV reported.

The service has become a huge help for genealogists and people seeking to build their family trees by allowing one-to-one, one-to-many X-DNA comparisons and other useful matrices.

Related: Beauty and the Breach: Estée Lauder Exposes 440 Million Records in Unprotected Database

Related: Millions of Digital Wallets Exposed by Key Ring

Related: Unprotected Medical Systems Expose Data on Millions of Patients