23andMe data breach exposes genetic data of thousands of people
In a concerning turn of events, 23andMe, the prominent genetic testing company, has confirmed a breach of user data. While their systems remain uncompromised, attackers exploited login credentials and utilized the "DNA Relatives" feature to access user information.
The company is in the process of validating the leaked data and cannot confirm its authenticity at this time. Notably, the data sample claims to include profiles of notable figures like Mark Zuckerberg, Elon Musk, and Sergey Brin, although their legitimacy remains uncertain.
Details of 23andMe data breach
The breach came to light when hackers posted a sample of compromised data on BreachForums, which appeared to target Ashkenazi Jews, with a significant number of users of Chinese descent also affected.
The data retrieved from the 23andMe data breach includes display names, gender, birth years, and genetic ancestry information. Notably, it lacks raw genetic data.
23andMe states there's no evidence of a system breach. Instead, attackers likely used previously exposed login credentials from other breaches in a technique called "credential stuffing".
This method capitalizes on password reuse, highlighting the importance of unique passwords and two-factor authentication.
A broader implication
23andMe data breach underscores the risks associated with DNA databases and the potential exposure of sensitive genetic information.
Sharing such data through features like "DNA Relatives" raises concerns about privacy and security, akin to those faced by traditional social networks.
What does 23andMe do?
23andMe is a company that provides DNA genetic testing services. They offer various services, including:
- Ancestry Service: 23andMe can analyze your DNA to provide insights into your ancestry and genealogy. It helps you discover your ethnic origins and trace your family's genetic heritage
- Health + Ancestry Service: In addition to ancestry information, this service includes health-related genetic reports. It provides personalized insights into your genetic predispositions for certain health conditions, carrier status for specific diseases, and other actionable health information
- 23andMe+ Membership: This service includes access to ongoing updates and features related to your genetic data, as well as exclusive content and resources
Users typically provide a saliva sample to 23andMe, which is then analyzed in their laboratory to generate personalized genetic reports.
These reports can offer valuable information about your genetic traits, health risks, and ancestry.
Featured image credit: 23andMeAdvertisement