23andMe Data Breach: Hackers Access “Significant Number” Of User Files


Genetic testing company 23andMe has revealed that hackers gained unauthorized access to a “significant number” of files containing profile information about users’ ancestry. In a recent data breach, the company determined that approximately 14,000 customer accounts, which accounts for 0.1% of its customer base, were compromised. The breach occurred due to a technique known as “credential stuffing,” where cybercriminals exploit known passwords to gain unauthorized access to user accounts.

Key Takeaway

Approximately 14,000 customer accounts were compromised in 23andMe’s recent data breach, allowing hackers to access a significant number of files containing profile information about users’ ancestry. The stolen data includes both ancestry and health-related information for some accounts. 23andMe has taken immediate action to enhance security measures and has prompted other DNA testing companies to follow suit.

Extent of the Breach

Although 23andMe did not specify the exact number of files accessed or the number of users impacted, it is evident that the breach has potentially exposed personal information belonging to users who had opted into the company’s DNA Relatives feature. This feature allows users to share their information with others connected to them. Consequently, the hackers who breached one victim’s account were able to access personal data pertaining to the people connected to that account.

Stolen Data

The stolen data primarily consisted of ancestry information. However, for a subset of accounts, health-related information based on the users’ genetics was also compromised. The company acknowledged that certain information was posted online by the hackers but did not disclose the specifics.

Response and Security Measures

Following the breach, 23andMe took immediate action to protect its users. On October 10, all users were prompted to reset their passwords, and the company encouraged the adoption of multi-factor authentication. Subsequently, on November 6, the company made two-step verification mandatory for all users. These measures aim to enhance the security of user accounts and prevent unauthorized access in the future.

Industry-Wide Impact

The 23andMe data breach has prompted other DNA testing companies, such as Ancestry and MyHeritage, to take similar steps towards improving security. These companies have also implemented mandatory two-factor authentication to protect their customers’ information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Stories

How Much Does Minecraft Cost On PC

Where To Find Allay Minecraft

Intuitive Machines Successfully Lands Spacecraft On The Moon

How To Make A Spiral Staircase In Minecraft

How To Tame An Allay In Minecraft

What Do Minecraft Turtles Eat

How To Make A Ladder In Minecraft

How To Get Seagrass In Minecraft