Hacker Leaks Millions Of ’23andMe’ User Data On Cybercrime Site

FORT LAUDERDALE, FL - MARCH 07: Lt. Mike Baute from Florida's Child Predator CyberCrime Unit talks with a man on instant messenger during the unveiling of a new CyberCrimes office March 7, 2008 in Fort Lauderdale, Florida. The person on the other side of the chat told Lt. Baute, who is saying he is a 14-year-old girl, that he is a 31-year-old male and sent him a photograph of himself. According to current statistics, more than 77 million children regularly use the Internet. The Federal Internet Crimes Against Children Task Force says Florida ranks fourth in the nation in volume of child pornography. Nationally, one in seven children between the ages of 10 and 17 have been solicited online by a sexual predator. (Photo by Joe Raedle/Getty Images)
Lt. Mike Baute from Florida’s Child Predator CyberCrime Unit talks with a man on instant messenger during the unveiling of a new CyberCrimes office March 7, 2008 in Fort Lauderdale, Florida. (Photo by Joe Raedle/Getty Images)

OAN’s Elizabeth Volberding
6:00 PM – Thursday, October 19, 2023

23andMe, a popular genetics testing company, recently confirmed that data from its users has been hacked and the company is now in the process of investigating the breach.

Advertisement

It has been reported that a few million data points from the 23andMe user accounts have been revealed on Breach Forums, a cybercrime marketplace, leaking a trove of user information which was stolen from the company’s subset of data.

23andMe is a well-known biotechnology company that breaks down ancestry history, providing DNA testing services, family history information, and personalized health insights. 

Hackers posted the data on Breach Forums, claiming that it contains 1 million genetic data points “solely from Ashkenazi Jews.” There were also hundreds of thousands of users of Chinese nationality who were affected by the leak. 

The hackers’ specific reference of “Ashkenazi Jews” alarmed many Jewish individuals, particularly in light of the ongoing conflict between Israel and Hamas and the increasing prevalence of anti-Semitism.

On Wednesday, the unnamed hackers started selling 23andMe profiles. Depending on the purchase amount, each user profile costs anywhere from $1 to $10.

A person’s display name, sex, birth year, and additional information regarding their genetic ancestry—such as whether they are, for example, “broadly European” or “broadly Arabic”—are among the elements included in the data.

“Credential stuffing never really went away and a lot of it just comes down to the fact that humans reuse their passwords—that’s what makes it possible,” said Ronnie Tokazowski, a digital scams researcher. “And the fact that it’s claiming to target a Jewish population or celebrities—it’s not shocking. It reflects the underbelly of the internet.”

On Tuesday, a hacker who goes by the name of “Golem” published new data of 23andMe information containing user ancestry details. This leak contained about four million records from private user data and was shared on the cybercrime forum.

Golem claimed that the dataset also holds details on people who come from Great Britain, including information from “the wealthiest people living in the U.S. and Western Europe on this list.”

However, the genetic testing company has informed the public that it is in the process of working to verify the data.

Andy Kill, a 23andMe spokesperson, made an announcement in an emailed statement regarding the recent leak. Kill stated that the company is in the process of “reviewing the data to determine if it is legitimate.” 

23andMe stated that hackers had retrieved some user data via “credential stuffing.” This means that a common strategy hackers use is to try combinations of usernames or emails and corresponding passwords that have previously been made public from external data breaches.

Therefore, 23andMe has since encouraged users to change their passwords and have been prompted to switch on multi-factor authentication.

Stay informed! Receive breaking news blasts directly to your inbox for free. Subscribe here. https://www.oann.com/alerts

Advertisements below

Share this post!