Excerpt from The Techcrunch News Article, Published on Dec 04, 2023
Genetic testing company 23andMe has disclosed a staggering data breach impacting a substantial number of its users. Initially reported to affect 14,000 individuals, the breach revealed by hackers has now been confirmed to impact a whopping 6.9 million users, accounting for nearly half of 23andMe’s reported 14 million customers.
Hackers gained access to sensitive personal information, primarily affecting individuals who opted into 23andMe’s DNA Relatives feature. This compromised data includes names, birth years, relationship labels, DNA-sharing percentages with relatives, ancestry reports, and self-reported locations. Additionally, 1.4 million users had their Family Tree profile information accessed, containing display names, birth years, locations, and sharing preferences.
The breach, allegedly due to password reuse by customers, allowed hackers to exploit accounts using publicly known passwords from other breaches. The breach not only exposed individual account holders but also their relatives, magnifying the impact and number of affected individuals.
This revelation follows an earlier hacker’s claim in October, publishing alleged data on specific user groups and offering it for sale. According to TechCrunch’s analysis, the leaked data was authentic because it partially matched information that genealogists had previously shared online.
The breach’s scale and the compromise of sensitive ancestral information highlight the growing concerns around cybersecurity in the realm of genetic data, urging for stringent measures and heightened security protocols to safeguard users’ privacy.
To delve deeper into this topic, please read the full article on Techcrunch