Seven months after discovery, FamilySearch informs users that their personal data has been compromised

Earlier this month, genealogy website FamilySearch announced that a hacker had broken into its systems and stolen personal data about its users.

The site, run by the Church of Latter-day Saints (better known as Mormons) and billing itself as “the world’s largest shared genealogy,” emailed affected users on October 13, 2022 to notify them about the data breach.

The email begins like this:

Dear Account Holder:

FamilySearch International (“FSI”), a Utah non-profit organization, has detected an unauthorized network intrusion affecting previously provided personal data. At this time, there are no indications that the data has been or could be used for fraudulent or other harmful purposes. Affected data did not include user genealogy data. We notify users worldwide that their data may have been affected, even if we are not legally required to do so.

Yes, they are notifying people whose data may have been affected, “even if this is not legally required”.

That’s to their credit.

But wait, read some more…

“On March 23, 2022, we detected unauthorized access to certain computer systems. We immediately notified U.S. federal law enforcement agencies. I have been asked to keep it. This order will be lifted on October 12, 2022.”

Hmmm... hackers stole data such as users’ full names, genders, email addresses, dates of birth, mailing addresses, phone numbers, etc. (all useful information that could be misused by scammers)... but FamilySearch kept quiet about it.

But don’t worry…

Affected data did not include user genealogy data.

So your great-great-great-great-grandmother has nothing to worry about.


FamilySearch says it can’t pin down who hacked its systems, but U.S. law enforcement officials say the intrusion is suspected to have been part of a pattern of targeted, state-sponsored cyberattacks aimed at organizations and governments around the world that weren’t intended to harm any individual.

So don’t worry…

Because you will spend a lot of time changing your name, gender, date of birth, etc.

But seriously, shouldn’t affected users have been notified sooner? Is it possible to delay the notification by more than half a year?

It turns out that FamilySearch users weren’t the only ones whose data was stolen. The same hackers also apparently attacked the genealogy site’s owner, the Mormon Church, stealing personal information of church members, employees, contractors and friends.



Graham Cluley is a veteran of the antivirus industry and has worked for many security companies since the early 1990s, when he created the first version of Dr. Solomon’s Antivirus Toolkit for Windows. He is now an independent security analyst and makes regular media appearances and lectures internationally on the topics of computer security, hackers and online privacy. Follow him on Twitter @gcluley or drop him an email.
