23andMe Cyberbreach Exposes DNA Data Potential Family Ties

p23andMe the popular DNA testing company has launched an investigation after client information was listed for sale on a cybercrime forum this weekppOn Oct 1 a post was published on the forum with a link to a sample of allegedly 20 million pieces of data from the genetic testing company claiming that it was the most valuable data youll ever see The first leak included 1 million lines of data but on Oct 4 the threat actor began offering bulk data profiles ranging from 1 to 10 per account in batches of 100 1000 10000 and 100000 profiles ppThe information leaked in the breach includes names usernames profile photos gender birthdays geographical location and genetic ancestry results pp23andMe has confirmed that the data is legitimate and stated that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data meaning that recycled login credentials accessed from other cyber incidents were used to gain access to accounts with the DNA companyppAccording to other reports of the breach many of the compromised accounts were those that had opted into the DNA Relatives feature available on the 23andMe platform The threat actor accessed a limited number of accounts and was able to scrape data associated with potential relatives company officials said ppThe scope of the breach remains unclear and it is unknown whether the threat actors have been in contact with 23andMe directlyppCopyright 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place London SW1P 1WGp