The personal genetics firm 23andMe recently confirmed a cyberattack that accessed data from around 6.9 million of its members. Although the hackers breached only about 0.1 percent of customer accounts (approximately 14,000), they gained access to information shared by genetically connected relatives. To counter this, 23andMe is notifying affected users, reinforcing security measures, and urging password resets with additional authentication steps. The breach occurred due to compromised login credentials recycled from other hacked websites, rather than a direct breach of 23andMe’s systems. The accessed data included genetic match details, potentially supplemented with user-provided birth dates and locations, impacting 5.5 million accounts, while 1.4 million had limited access to DNA profile information through the “Family Tree” feature.
Read more: https://www.securityweek.com/23andme-says-hackers-saw-data-from-millions-of-users/