23andMe confirms a data leak affecting nearly 7 million customers


In a recent cyber incident, approximately 7 million 23andMe customers had their data exposed in a breach that revealed vulnerabilities in the platform’s security protocols.

As confirmed by a 23andMe spokesperson to SC Media, the breach occurred in October, with hackers gaining unauthorized access to about 14,000 accounts, representing a mere 0.1% of the user base. The compromised data primarily originated from the DNA Relatives feature, where stolen credentials facilitated direct access to sensitive information, including display names, ancestry reports, and health-related details.

What started as a breach impacting a limited number of users quickly escalated, as 23andMe revealed that 5.5 million DNA Relatives profiles and an additional 1.4 million Family Tree profiles had been exposed. This significant expansion affected approximately 6.9 million customers, underscoring the severity of the incident.

The Intricate Attack Vector: Threat actors initially accessed only a fraction of 23andMe’s vast user base, using credentials stolen from third-party websites. With these credentials they logged in to customer accounts and scraped the data shared by users who had opted into the DNA Relatives feature. Because each compromised account could view the profiles shared with it through that feature, the attackers were able to multiply the scope of compromised data, potentially affecting hundreds or thousands of users per compromised account.
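The two stages described above (logins with credentials reused from other sites, commonly called credential stuffing, followed by scraping of relatives' profiles) leave a recognizable pattern in authentication and access logs. The following detection sketch is an added example, not code from 23andMe or from the original article; the event format, field names, IP addresses, account names and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real logs): (source_ip, account, action, ok)
EVENTS = (
    [("203.0.113.7", f"user{i}", "login", i in (3, 11)) for i in range(20)]
    + [("203.0.113.7", "user3", "view_relative", True)] * 40
    + [("203.0.113.7", "user11", "view_relative", True)] * 35
    + [("198.51.100.4", "alice", "login", False),
       ("198.51.100.4", "alice", "login", True)]
    + [("198.51.100.4", "alice", "view_relative", True)] * 3
)

def stuffing_sources(events, min_accounts=10, max_success_rate=0.2):
    """Source IPs that try many distinct accounts and mostly fail.
    Thresholds are illustrative assumptions, not tuned values."""
    tried = defaultdict(set)
    successes = defaultdict(int)
    attempts = defaultdict(int)
    for ip, account, action, ok in events:
        if action != "login":
            continue
        tried[ip].add(account)
        attempts[ip] += 1
        successes[ip] += int(ok)
    return {ip for ip in tried
            if len(tried[ip]) >= min_accounts
            and successes[ip] / attempts[ip] <= max_success_rate}

def compromised_accounts(events, sources):
    """Accounts with a successful login from a flagged source:
    candidates for forced password reset and session revocation."""
    return {account for ip, account, action, ok in events
            if action == "login" and ok and ip in sources}

def exposure(events, accounts):
    """Relative-profile views per compromised account, which estimates
    how far the exposure spread beyond the account owner."""
    views = defaultdict(int)
    for _ip, account, action, ok in events:
        if action == "view_relative" and ok and account in accounts:
            views[account] += 1
    return dict(views)

if __name__ == "__main__":
    sources = stuffing_sources(EVENTS)
    accounts = compromised_accounts(EVENTS, sources)
    print(sources, accounts, exposure(EVENTS, accounts))
```

The legitimate user who mistypes a password once ("alice" in the constructed data) is not flagged, because a single source retrying one account does not meet the distinct-account threshold.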

A mysterious figure known as “Golem” surfaced, claiming responsibility for leaking data from over 1 million Ashkenazi Jewish users and 300,000 Chinese users, followed by an additional 4.1 million British and German profiles. The breach, allegedly exposing data from over 7 million users in total, underscores the targeted nature of the attack.

Beyond the typical profile information, the breach revealed sensitive health data, including predispositions to type 2 diabetes and Parkinson’s disease. Reports also outlined gene carrier status for conditions such as cystic fibrosis and Tay-Sachs disease, raising concerns about the potential misuse of such intimate information.

In response to the breach, 23andMe took swift action, temporarily disabling features within the DNA Relatives tool and initiating a password reset for all users. Additionally, the company mandated the use of multi-factor authentication and email 2-step verification to enhance account security. Despite these measures, questions linger about the origins of the stolen credentials and the potential for future breaches.

As the dust settles on the 23andMe cybersecurity breach, users await further information on the extent of the compromise and the company’s commitment to fortifying its security infrastructure. This incident serves as a stark reminder of the evolving threats in the digital landscape and the imperative for continuous vigilance in safeguarding personal and sensitive information.

Mohamed Nabil Ali

A Trailblazing IT Expert, Technology Geek, and Bughunter.