Genealogy Site Exposes One Million Profiles to Law Enforcement in Security Breach

Image: Justin Sullivan (Getty Images)

Mailing your spit to an ancestry site and uploading it to a DNA matching database has seemed like a pretty bad idea since 2018, when federal law enforcement officials tracked down the Golden State Killer through a discarded tissue and his relatives’ online genetic profiles on GEDMatch. Since that episode generated widely publicized alarm, GEDMatch, which is owned by the forensic science company Verogen, changed its policy so that users had to opt in to make their information available to law enforcement. But security breaches happen, and earlier this week, GEDMatch announced that, on July 19th, hackers had performed a “sophisticated attack” on one of their servers “using an existing user account.” For three hours, law enforcement officials were able to gain access to 1.2 million profiles that hadn’t opted in to law enforcement access, and users were able to see law enforcement accounts.


GEDMatch announced the first breach on Facebook and then confirmed, in a statement shared with Gizmodo, that someone launched a second, similar attack on July 20th. The site is currently down, and GEDMatch has said that it’s working on shoring up against other potential vulnerabilities.

“We can assure you that your DNA information was not compromised, as GEDmatch does not store raw DNA files on the site,” the statement reads. “When you upload your data, the information is encoded, and the raw file deleted. This is one of the ways we protect our users’ most sensitive information.”

But it’s unclear why that matters—couldn’t law enforcement officers still have used a search to generate a lead, even without the raw DNA file?

Yes, GEDMatch told Gizmodo. They said that law enforcement “never receives raw DNA information of our users.” An agency only uploads a DNA profile and receives a name and email address for a user who might be related in order for a genealogist to piece together a family tree.

In other words, yes, 1.2 million non-consenting users could have been implicated in a criminal investigation during that three-hour window. It doesn’t matter whether no one was identified, or whether the window was one minute; the company made the impossible promise that it would shield over a million users from investigators, and it failed, because everything breaks.

While GEDMatch claims that no user data was compromised or downloaded, there’s evidence to the contrary: a similar Israeli site, MyHeritage, reported two days later that its users had been targeted in a phishing attack on emails that were “apparently compromised from GEDmatch.” Users were led to a spoof website “” and prompted to log in. MyHeritage claims that all of the victims it spoke to had GEDMatch profiles and reasonably guessed that the emails came from the GEDMatch breach; one was reached via an email address they’d only used for GEDMatch, not MyHeritage. GEDMatch told Gizmodo that they “have no evidence” that the MyHeritage attack was linked to the breach.


Even so, the breach looks bad, coming after GEDMatch and other sites have made a concerted effort to reassure customers that their genetic information was safe. In the two years since the Golden State Killer case, we’ve been beaten over the head with almost weekly news of mass biometric data harvesting.

When Verogen purchased GEDMatch in 2019, Verogen CEO Brett Williams promised that they would fight warrants for information of users who hadn’t opted to make their data available to law enforcement. GEDMatch doesn’t say the extent to which it allows law enforcement to access its database, but it apologized in its Facebook statement to its “law enforcement customers.”


Even if you haven’t submitted your genetic data to any site, you should still think twice about leaving your DNA at a crime scene. In 2018, Science Magazine reported that 60% of white Americans could be identified by genetic information on ancestry databases. While the Justice Department set rules last year for using genetic information in investigations, a subsequent Los Angeles Times investigation found that, nationally, “There is no uniform approach for when detectives turn to genealogical databases to solve cases.”

Staff reporter, Gizmodo. wkimball @ gizmodo


Brainlock can NOT FKG reply on kinja

I’m kinda mixed on this.

On one hand, yes, they caught a bad guy, GSK aka EAR/ONS, so that DOES help people.

OTOH, there are some people who have gotten closure or destroyed families by using these sites. You might find out mom wasn’t as loyal as you/dad thought she was OR you might be adopted and find out who/where you came from.

While I do know people who were adopted, they have different stances on how to address that. One just wants to know her medical background “just in case”; others don’t care because they like the family that raised them. One has an 80% chance of his foster father being his bio-father, or bio-uncle. Yeah, (never official) “foster” mom knows who his bio-mom is/was and who she used to pal around with, and told me this much after she divorced the dad/uncle. I have no idea if he has inquired since. (And yes, she’s a bit Southern, her family being kin to The Hatfields of That Feud fame.)

ANYWAY... we have a few Notable Names via Ancestry, before they stopped doing the “Famous Relations”, and even then, they had a limit on how many you could have listed, so a few got bumped before I copied it to FB Notes (which are still a thing!), just to cross ref with another distant “cousin”.

My sister did the Ancestry test a few years back. Most of what we already know, but a few surprises, like we have the rare Irish-Sicilian gene (like Donal Logue) and could have helped out a VERY distant cousin in Italy with health issues, had sister not been DX’d with fibro ages ago and, aside from my own health issues, I’ve since been perma-banned from donating anything EVER because of an ACUTE case of HCV. @_@
She did joke that our maternal cousins don’t even have any Sicilian, despite their father being full Italian American, and his (grand?)father even worked for Capone!

Just last month, she got a hit on the mystery that was our (maternal-paternal-Paternal) great-grandfather. The story we had all been told for the past century+ was that, in 1895, a “young couple passing thru town” left early without notice and within a day, a newborn baby was found crying in an empty house near where they had been staying. Somehow, the name Merrit/t or Merrick(?) had gotten attached to him, but he always went by his foster father’s surname. (No clue how this name was found?)

(Even for them, we’re not sure what the circumstances were. We now think gg-gm may have had health issues preventing her from carrying full term, so they set out to adopt a couple of kids, fostering grandpa Joe and then fully adopting a girl later on as his sister. My sister has turned up some WEIRD inheritance stuff from a historical museum (this couple were local business magnates of the town, pretty much requiring an heir), which may have contributed to the break-up of his marriage to grandma, as well as his leaving the state for the rest of his life. We were told that he had an argument with ggm’s dad/his FiL (an immigrant and former German minor nobleman/mayoral family?), with whom they were living at the time. The fight was allegedly over taking grandpa fishing, and things escalated from there, but grandpa was like 7yo at the time, and grandma never spoke of her husband. Minor shunning from The Church over this separation, despite never having an Official Divorce, which would have been worse!)

Well, even that story and name turned out to be false. She now has DNA links to a more recent name, Hawk, which she originally believed to be his paternity, but now seems to be his maternal side? Oh, and the parents were 20+ years apart, and she’s already dug up records on his family, which reveal he was married to someone else at the time! And both sides have at least one relation with “[presidential name] Smith” or something (re: George Washington Carver), right alongside the usual 19th century Biblical name nonsense.

So at this point, we’re looking at affair and abandoning the resulting baby, as sister has confirmed the mother had another family a few years later. Also, he was born in and adopted out of St Louis, not the next county over, which would be a good day’s ride, back then. Maybe a few hours by train/steamboat?

Oh, and grandpa Joe may have uncovered *something*, as my sister has uncovered part of his trail between leaving his family and where he wound up living the rest of his life coinciding with areas that his bio-family were living around that time.

So, yeah. Some good things come out of this testing, and some not so good. Depends on the situation.