Hackers target 23andMe DNA testing company, gain access to 6.9 MILLION user profiles
12/15/2023 // Zoey Sky // Views

DNA testing company 23andMe recently faced a cyber attack that resulted in hackers gaining access to personal information from about 6.9 million account holders using customers' old passwords.

In some cases, the information hackers were able to steal included family trees, birth years and geographic locations, reported 23andMe.

After weeks of speculation, 23andMe publicly acknowledged that more than half of its customers had been affected by the security breach. The DNA testing firm declared that the stolen data did not include DNA records.

Hackers accessed 23andMe database using information from other hacks

23andMe is one of the biggest names in the growing ancestor-tracing industry. It offers customers genetic testing with ancestry breakdown and personalized health insights.

The South San Francisco-based biotechnology company was not hacked itself, but cyber-criminals were able to log in to about 14,000 individual accounts belonging to 0.1 percent of 23andMe customers, by using email and password details previously exposed by other cyber attacks.

The hackers used a technique called credential stuffing, which allowed them to use old usernames and passwords from other websites to break into 23andMe customer accounts. A 23andMe spokesperson did not respond to questions about who was behind the cyber attack.

"23andMe has completed its investigation, assisted by third-party forensics experts. We are in the process of notifying affected customers, as required by law," read a statement posted on the company’s website.

23andMe also said that it has taken precautionary measures to protect customer data, including "requiring all existing customers to reset their password and requiring two-step verification for all new and existing customers."

23andMe previously acknowledged that after accessing the user accounts, the hackers were able to find their way into "a significant number of files containing profile information about other users' ancestry."

The hackers downloaded data from those accounts, including the private information of all other users they had links to across the family trees on the website.

The 23andMe stolen data includes information like customer names, how each person is linked, and, in some cases, birth years, locations, pictures, addresses and the percentage of DNA customers shared with their relatives.

Additionally, the hackers were able to access the family tree profile information of about 1.4 million other customers who participated in the DNA relatives feature, including display names and relationship labels.

Following the cyber attack, one batch of data was advertised on a hacking forum as a list of people with Jewish ancestry. This raised concerns about targeted attacks against Jews.

However, there is currently no evidence that any of the datasets have been bought or used by criminals.

Improving cyber security behaviors key to preventing future hacks

Oz Alashe, CEO of risk management platform CybSafe, said that the data breach at 23andMe highlights the importance of "improving cyber-security behaviors in the general population."

Alashe added that poorly secured accounts "with weak passwords and no two-factor authentication, put all those sharing their sensitive data at risk."

For now, 23andMe said it will contact all affected customers and require others to update their passwords and improve their account security. (Related: AI and genetic engineering could trigger a “super-pandemic,” warns AI expert.)

However, the breach came as no surprise to Ramesh Srinivasan, a professor at the University of California, Los Angeles (UCLA) Department of Information Studies, because such incidents are becoming increasingly common.

Srinivasan also warned that it is "always possible for information to be stolen when it is provided to a third party."

"Should we be providing data that is so personal and so intimate to an organization that, largely speaking, only has a strong allegiance to their investors and their boards?"

Visit Glitch.news to read more stories about scams and cyber attacks.

Watch the video below for a cyber attack warning from InfoWars.

This video is from the EARTH SHAKING NEWS channel on Brighteon.com.

More related stories:

Biometric data and surveillance: DNA being eyed as the “ultimate global ID.”

DNA hacking? Hackers targeted users of DNA testing firm 23andMe.

HUMANS BEWARE: Mad scientists discover that human DNA can be controlled with electrical signals from wearable devices.

Sources include:

BBC.com

Edition.CNN.com

NYTimes.com

Brighteon.com



Take Action:
Support Natural News by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NaturalNews.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.
App Store
Android App
eTrust Pro Certified

This site is part of the Natural News Network © 2022 All Rights Reserved. Privacy | Terms All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing International, LTD. is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. Truth Publishing assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published here. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
Natural News uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.