Hackers make off with ancestry info of 6.9 million 23andMe users

In a shocking genetic data heist, the personal ancestry data of nearly 7 million 23andMe users found itself in the grubby virtual hands of hackers. What was initially brushed off as a minor breach of around 14,000 accounts turned out to be a much bigger mess than the genetic testing company could have imagined. 23andMe, the California-based company, had to swallow a bitter pill as it admitted to the gigantic breach. The hackers, through an old-school technique known as “credential stuffing,” used old passwords to pry open the digital doors of 23andMe. READ MORE: 23andMe pockets $20M from GSK to share anonymized DNA data The company’s statement was a masterclass in corporate understatement, saying they “believe” hackers “may have” accessed accounts and “obtained information.” No kidding. Ironically, it was 23andMe’s own DNA Relatives feature, designed to connect users with their long-lost genetic cousins, that proved to be its Achilles’ heel. This opt-in feature became the gateway for the hackers to access the personal data of about 5.5 million users. As if that wasn’t enough, another 1.4 million users who had also opted into DNA Relatives had their family tree profiles accessed. In the aftermath of the breach, the company was left scrambling to control the damage. But the internet’s underbelly was already abuzz. Hackers didn’t waste any time posting a sample of the stolen data on a dark web forum known as BreachForums. According to TechCrunch, the hackers claimed that the sample contained 1 million data points exclusively about Ashkenazi…Hackers make off with ancestry info of 6.9 million 23andMe users

Leave a Reply

Your email address will not be published. Required fields are marked *