Genetics firm 23andMe says user data stolen in credential stuffing attack

23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.

23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report.

Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell data packs belonging to 23andMe customers.

The initial data leak was limited, with the threat actor releasing 1 million lines of data for Ashkenazi people. However, on October 4, the threat actor offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased.

A 23andMe spokesperson confirmed the data is legitimate and told BleepingComputer that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data.

"We were made aware that certain 23andMe customer profile information was compiled through access to individual 23andMe.com accounts," stated 23andMe's spokesperson.

"We do not have any indication at this time that there has been a data security incident within our systems."

"Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials."

The information that has been exposed from this incident includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.

BleepingComputer has also learned that the number of accounts sold by the cybercriminal does not reflect the number of 23andMe accounts breached using exposed credentials.

The compromised accounts had opted into the platform's "DNA Relatives" feature, which allows users to find genetic relatives and connect with them.

The threat actor accessed a small number of 23andMe accounts and then scraped the data of their DNA Relative matches, which shows how opting into a feature can have unexpected privacy consequences.

23andMe told BleepingComputer that the platform offers two-factor authentication as an additional account protection measure and encourages all users to enable it.

Users should refrain from reusing passwords and consistently employ strong, distinct credentials for every online account they have.

Reader comments:

Congratulations, idiots. You willingly gave them your DNA, even after we warned you this kind of thing would happen.

Oh f off and stop blaming people for being so interested in their lineage and ancestral composition and makeup. It's such a fascinating and interesting subject and you can't fault people for being interested in it.

But using the same password for DNA genetic information is not the smartest thing to do; people should be more aware of the dangers of reusing the same passwords for important websites. And use two factor authentication.

Millions of lines from hundreds of thousands accounts by credential stuffing? Sorry, I don't believe that. In that case someone should have tried trillions of breached user/passwords to get 100000 successful logins, maybe from single IP source. Their monitoring should have detected and blocked this. Or the attacker has stolen these credentials from them, or the attacker has a kind of admin/supervisor access to their database.

It's possible the dark web OP hasn't actually harvested that many accounts, but it looks good for them to pretend they have. That aside, 23andMe try to mitigate your suspicions by mentioning the DNA Relatives feature. While it's true these types of features act as viral media vectors in themselves, I'm not buying it either. It doesn't add up and I believe they are as full of it as you do.

Any chance Google SSO could have been used to accelerate the breach count? My business now uses Google SSO with white listed third parties. It didn't do so before.
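
The article's account of leaked credentials being replayed against many accounts, and the reader comment about login monitoring, suggest a detection rule: flag any source that tries many distinct accounts with a high failure rate, then list the accounts it did get into. This is an added example, not code from 23andMe or BleepingComputer; the log format, the thresholds, and every sample event are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed sliding-window length
MIN_USERS = 20                  # assumed: distinct usernames from one source per window
MIN_FAIL_RATIO = 0.8            # assumed: replayed leaked pairs mostly fail

def parse(line):
    """Parse 'ISO-timestamp source-ip username OK|FAIL' (constructed log format)."""
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "OK"

def detect_stuffing(lines):
    """Map each flagged source IP to the accounts it logged in to successfully."""
    by_ip = defaultdict(list)
    for event in sorted(parse(l) for l in lines if l.strip()):
        by_ip[event[1]].append(event)
    findings = {}
    for ip, events in by_ip.items():
        start = 0
        for end in range(len(events)):
            # Slide the left edge so the window never spans more than WINDOW.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            window = events[start:end + 1]
            users = {u for _, _, u, _ in window}
            fails = sum(1 for *_, ok in window if not ok)
            # Stuffing: many accounts tried once each, mostly failing. A user
            # mistyping a password touches one account and stays below MIN_USERS.
            if len(users) >= MIN_USERS and fails / len(window) >= MIN_FAIL_RATIO:
                hits = {u for _, _, u, ok in window if ok}
                findings.setdefault(ip, set()).update(hits)
    return {ip: sorted(hit) for ip, hit in findings.items()}

def sample_log():
    """Constructed events: one source walks 30 accounts, one user mistypes twice."""
    t0 = datetime(2023, 10, 1, 2, 0, 0)
    lines = []
    for i in range(30):
        ts = (t0 + timedelta(seconds=5 * i)).isoformat()
        lines.append(f"{ts} 203.0.113.7 user{i:03d} {'OK' if i in (4, 17) else 'FAIL'}")
    for i, result in enumerate(["FAIL", "FAIL", "OK"]):
        ts = (t0 + timedelta(seconds=20 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.4 carol {result}")
    return lines

if __name__ == "__main__":
    # The accounts listed are the ones to lock and force a password reset on.
    print(detect_stuffing(sample_log()))
```

Keying on source IP alone only catches the single-source case; the same counting applied per network block, per client fingerprint, or to the site-wide failure rate covers runs spread across many addresses.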