This is the email that GEDmatch sent out:
Dear GEDmatch user,
We are writing to inform you of a technical issue that occurred January 14th and temporarily affected one or more kits associated with your GEDmatch account.
During this isolated incident, a very small number of kits that had previously been deleted briefly reappeared in the kit owner’s account. The occurrence lasted 48 hours or less before the kits were permanently deleted.
This was not a data breach or “hack.” Please allow us to provide some detail on how this technical error occurred. As part of the transition when Verogen acquired GEDmatch last year, the company was required by General Data Protection Regulation (GDPR) to store certain information separately. On January 14th, we were able to merge the information that had been separate into our main database. This is when the error occurred. During the time the deleted information was stored on the separate server, no one had access to it. With the database merge complete, the information has now been permanently removed.
Importantly, the opt-in permissions were not changed on these accounts, therefore the kit owner’s preferences related to law enforcement matching for violent crime were honored.
Rest assured that the unique nature of this incident ensures that an error of this type will not happen in the future. If you wish to delete kits, they will be permanently deleted. Verogen or GEDmatch do not keep copies of the information, and the information is never sold to a third party.
Your privacy is of the utmost important to us. If you have further questions about this isolated incident, please reach out to us at email@example.com