Tuesday, July 23, 2024

Genetic testing firm 23andMe hit by big data breach, over 4 million ancestral profiles exposed

23andMe is among the leading direct-to-consumer genetic testing services which recently came under the scanner due to this severe data exposure.

In a staggering cyber data theft, over four million individuals have had their ancestral information leaked, marking a significant breach in 23andMe's data security. 23andMe is among the leading direct-to-consumer genetic testing services which recently came under the scanner due to this severe data exposure.

The culprit, a hacker named Golem, is no stranger to 23andMe's database. Golem had previously made headlines for leaking a sample of private user data from the genetic testing giant. This time around, the hacker has upped the ante by exposing a colossal amount of data, with hints at more leaks in the offing.

The leaked data comes in two significant chunks. One part of the data comprises over four million individuals, with a majority allegedly hailing from the United Kingdom. The other part has details of over 100,000 individuals from Germany. Golem's audacious claim to have included “the wealthiest people living in the US and Western Europe” in this leak further magnifies the severity of the situation.

This leak follows a familiar yet alarming pattern, with the data revealing critical personal information such as names, sex, age, and location, alongside ancestral markers like lineage, yDNA, and mtDNA haplogroups which trace paternal and maternal ancestry. However, the authenticity of the data remains unverified as reports.

According to reports, the hacker boasted about having accessed data of 7 million 23andMe users, although, at the moment, only a fraction of that claim has been exposed. Specifically, Golem mentioned sharing just “1/3 of the profiles with German origins from the DB.”

23andMe, on its part, has been swift in addressing the issue, although it denies any incidents within its systems. Previously, the company had attributed such leaks to credential stuffing attacks, a tactic that reuses credentials from other breaches. The recent statement from a 23andMe spokesperson reiterated a similar stance, suggesting the breach resulted from customers who recycled login credentials used on other hacked websites.

As a preventive measure, 23andMe has notified its customers, urging a password reset and advising the activation of multi-factor authentication. The company is also collaborating with external forensic experts and federal law enforcement in an ongoing investigation.

23andMe, headquartered in San Francisco, is a recognised name in the world of personal genomics and biotechnology, providing direct-to-consumer DNA testing services. The company, which boasts over 12 million DNA test kits sold, is now in the eye of a storm that questions the security of genetic data.

The aftermath of this breach is already visible in 23andMe's share price, which plummeted almost 10% in a single day and is now down by 62% since the beginning of the year.

Golem criticized the lax security measures of 23andMe, highlighting the absence of essential verification steps such as CAPTCHA and email verification for downloading raw data. The hacker further taunted 23andMe for its inability to notice the unauthorized access despite the large-scale data extraction.

Tech Observer Desk
Tech Observer Desk at TechObserver.in is a team of technology reporters led by a senior editor who brings latest updates and developments from the world of technology.