Image Courtesy Of ReadWrite
U.S. biotech firm 23andMe’s user data was leaked and is now circulating on hacker forums. 23andMe confirmed the data leak’s authenticity to BleepingComputer and says it believes a credential-stuffing attack is to blame.
This article was written by Maxwell Williams and originally published by ReadWrite.
23andMe user data offered for sale
A few days ago, 1 million lines of data specific to Ashkenazi individuals began circulating on hacker forums. Then, on Oct. 4, the cybercriminal who had leaked the user-data sample purportedly stolen from 23andMe began offering to sell individual profile datasets for $1-$10 each, with the price varying based on the number of datasets purchased.
23andMe has now confirmed the authenticity of the data to BleepingComputer. A spokesperson indicated that hackers likely used credentials leaked from breaches on other platforms. “We don’t see evidence of a security incident within our systems,” they added.
The information exposed in 23andMe’s user data leak allegedly includes users’ names, locations, birthdays, sex, photos, and genetic ancestry results. BleepingComputer’s own investigation found that the number of sold accounts doesn’t currently match the total number of breached 23andMe accounts.
BleepingComputer noted the breached accounts had activated 23andMe’s DNA Relatives feature, which lets users discover and connect with genetic relatives). Initially accessing only a limited number of accounts, the hacker could then scrape data from the users’ networks of DNA Relative matches.
ReadWrite has not yet independently confirmed these statements but has requested further details on the investigation from 23andMe. Nevertheless, users should always follow proper digital hygiene by never repeating account credentials across websites, using strong passwords, and enabling two-factor authentication when possible. Even though 23andMe offers and recommends using 2fa security, this recent data breach also suggests that networking features like DNA Relatives are yet another vulnerability.
An interactive baseball management simulator gives fans the chance to make roster moves, navigate trades,… Read More
US prosecutors moved to drop a sex assault case against disgraced movie producer Harvey Weinstein Thursday after… Read More
The University of Michigan’s Consumer Sentiment Index just printed 44.8 in May. That’s the worst… Read More
America’s largest private landowners oversee vast stretches of ranchland, timberland, farmland, and conservation areas. This… Read More
Bernstein analyst Eunice Lee is out with a fascinating note explaining why automakers are making… Read More
The Keir Starmer experiment is officially over, as was growing increasingly clear over the weekend,… Read More
This website uses cookies.