Business

23andMe users could be affected by recent data breach 

6 December 2023 add comment

Data from nearly 7 million 23andMe users has been compromised in a recent data breach, impacting almost half of the platform’s total user base. 

The popular DNA testing company, known for helping users explore their genetic heritage and connect with relatives, faced scrutiny in October when hackers targeted individuals with Ashkenazi Jewish and Chinese ancestry. Although initially avoiding the term “data breach,” 23andMe conducted an investigation to safeguard user information.

Now, the company confirms that hackers have successfully accessed data from almost half of its 14 million users, exposing a wide range of personal information. Two main groups of users were affected, totaling 5.5 million and 1.4 million individuals, respectively. 

The first group opted into 23andMe’s DNA Relatives feature, while the second group included those who not only chose the DNA Relatives feature but also had their Family Tree profile information compromised.

The DNA Relatives feature, designed to facilitate connections between relatives, exposes highly sensitive personal details such as self-reported location, names, birth years, relationship labels, ancestry reports, and the percentage of DNA shared with relatives. 

With this breach, all this information, also accessible in the Family Tree, is no longer secure within the 23andMe system. The breach occurred due to weak or non-unique passwords, a vulnerability exploited by hackers who employed passwords from previous breaches. 

Users opting for the Relatives feature typically had lighter security measures, making it easier for hackers to access their accounts and pilfer personal information. Once one user’s account was breached, hackers could easily extend their reach to the user’s relatives, expanding the scope of data theft.

In response to the incident, 23andMe has concluded its investigation and will notify affected users. The company is instituting mandatory two-step verification for all users, new and existing, to bolster security. Additionally, customers are required to change their passwords to ensure the confidentiality of their information.

Related posts

Data of 5 million Robinhood users exposed in major data hack 

10 November 2021 add comment
The popular trading app Robinhood has reported that it has suffered a data breach, compromising the names and email addresses of 5 million of its users.  The platform, which has millions of... Read more »

Twitter fined $150 million for misleading users about data sharing

27 May 2022 add comment
Twitter has agreed to pay a $150 million fine for failing to protect the data of its users. According to federal officials, the company used data to help marketers target ads on... Read more »

The number of overdoses is still rising, according to recent data 

14 September 2023 add comment
Following the news that Narcan will soon be available over-the-counter in US pharmacies, new data from the US Centers for Disease Control and Prevention shows that 2023 is set to have even... Read more »

Leave a Reply

Your email address will not be published. Required fields are marked *