Hackers gained access to the data of millions of 23andMe customers through a feature that helps find relatives

by alex

DNA Relatives matches customer data with other users' data to find genetic matches.

According to an internal investigation, hackers initially hacked about 0.1% of accounts (or 14 thousand out of 14 million), but thanks to the DNA Relatives feature they were able to penetrate other accounts – about 5.5 million. An additional 1.4 million accounts were affected due to hackers using Family Tree profile information.

DNA Relatives profiles contain sensitive data such as first names, last names and locations, DNA match information, potential connections and ancestry reports. Family Tree profiles reveal information about names, relationships, birth years, and locations.

After first reporting the leak in October and conducting an initial investigation, 23andMe said that “no genetic testing results were leaked.”

For the attack, the hackers used login logins and passwords that were duplicated from previously broken sites, and then published the resulting information on the dark web. They tried to sell the data of individual victims for $1-10. At the same time, before the publication of the news about the hacking of 23andMe, on another hacker forum more amounts of the company’s data were offered – about 300 terabytes were sold for $50 million.

READ
Artificial intelligence “predicts” the weather more accurately than meteorologists - and gives a 10-day forecast in a minute

23andMe advised victims to change their passwords and later introduced mandatory two-factor authentication. The company subsequently added that “the hacker attack was contained” and that it was “working to remove the published information.”

Vacancies

PHP dev Bobby Casino, Viddaleno, salary 650

Full Stack Developer (Next.js React Nest.js) Amofintech, Kiev

Marketing Manager Teamvoy

You may also like

Leave a Comment