Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

23andMe Says Hackers Saw Data From Millions of Users

Personal genetics firm 23andMe said hackers accessed the personal information about 6.9 million of its members.

23andMe Hacked

Personal genetics firm 23andMe on Tuesday confirmed that hackers using stolen passwords accessed the personal information about 6.9 million of its members.

While the hackers were only able to get into about 14,000 accounts, or 0.1 percent of its customers, they were able to see information shared by genetically linked relatives at 23andMe, a spokesperson said in reply to an AFP inquiry.

23andMe is in the process of notifying affected customers and has hardened account security by requiring users to reset passwords and set up a second authentication method such as sending a temporary code to a mobile phone, according to the spokesperson.

In early October, 23andMe detected that data thieves had gotten into accounts safeguarded by login details recycled from other websites that had been compromised, the company said.

“We do not have any indication that there has been a breach or data security incident within our systems, or that 23andMe was the source of the account credentials used in these attacks,” the spokesperson said.

Of the 6.9 million accounts hacked, 5.5 million contained information on genetic matches and may have also included birth dates and locations if provided by users, according to 23andMe.

An additional 1.4 million of the hacked accounts had limited access to some DNA profile information as part of the “Family Tree” feature, the spokesperson said.

23andMe was founded in 2006 and is based in Mountain View, California, where Google also has its headquarters.

Advertisement. Scroll to continue reading.
Written By

AFP 2023

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Data Breaches

Delta Dental of California says over 6.9 million individuals were impacted by a data breach caused by the MOVEit hack.