News

23andMe users could be affected by recent data breach

Data from nearly 7 million 23andMe users has been compromised in a recent data breach, impacting almost half of the platform’s total user base. 

The popular DNA testing company, known for helping users explore their genetic heritage and connect with relatives, faced scrutiny in October when hackers targeted individuals with Ashkenazi Jewish and Chinese ancestry. Although initially avoiding the term “data breach,” 23andMe conducted an investigation to safeguard user information.

Now, the company confirms that hackers have successfully accessed data from almost half of its 14 million users, exposing a wide range of personal information. Two main groups of users were affected, totaling 5.5 million and 1.4 million individuals, respectively. 

The first group opted into 23andMe’s DNA Relatives feature, while the second group included those who not only chose the DNA Relatives feature but also had their Family Tree profile information compromised.

The DNA Relatives feature, designed to facilitate connections between relatives, exposes highly sensitive personal details such as self-reported location, names, birth years, relationship labels, ancestry reports, and the percentage of DNA shared with relatives. 

With this breach, all this information, also accessible in the Family Tree, is no longer secure within the 23andMe system. The breach occurred due to weak or non-unique passwords, a vulnerability exploited by hackers who employed passwords from previous breaches. 

Users opting for the Relatives feature typically had lighter security measures, making it easier for hackers to access their accounts and pilfer personal information. Once one user’s account was breached, hackers could easily extend their reach to the user’s relatives, expanding the scope of data theft.

In response to the incident, 23andMe has concluded its investigation and will notify affected users. The company is instituting mandatory two-step verification for all users, new and existing, to bolster security. Additionally, customers are required to change their passwords to ensure the confidentiality of their information.

Linda Conrad

Recent Posts

CVS Removes Prescription Requirement for COVID-19 Vaccines Nationwide

  The US Centers for Disease Control and Prevention approved a recommendation requiring patients to…

2 weeks ago

Albanian Judge Fatally Shot Inside Tirana Courtroom

  A judge presiding at Tirana's appeals court was fatally shot Monday by a defendant…

3 weeks ago

CDC Acting Director Proposes Splitting MMR Vaccine Without Scientific Backing

  The acting director of the US Centers for Disease Control and Prevention has called…

3 weeks ago

Russia Launches Deadly Mass Strike on Ukrainian Cities

  Russia executed a large-scale overnight assault on Ukraine involving missiles and drones, resulting in…

3 weeks ago

Meta to Leverage AI Chat Data for Targeted Advertising

  Meta announced Wednesday that conversations users have with its AI chatbot will soon inform…

3 weeks ago

Taylor Swift’s Concert Film Revitalizes Theater Industry

  American cinema chains are experiencing renewed energy following another disappointing summer box office season.…

3 weeks ago