23andMe probes new data leak of millions of genetic profiles

Share post:

23andMe is investigating reports of a new data leak involving millions of user records.

TechCrunch previously reported that a hacker claims to have leaked 4 million genetic profiles belonging to people in Great Britain, along with “the wealthiest people living in the U.S. and Western Europe.”

The hacker, who goes by “Golem,” is the same one that stole 1 million lines of genetic data from 23andMe earlier this month. Golem posted this latest round of data on the hacking site BreachForums.

Katie Watson, the vice president of communications at 23andMe, said the company was “made aware” that the same hacker claims to have leaked another trove of what they claim is customer information. “We are currently reviewing the data to determine if it is legitimate,” Watson says. “Our investigation is ongoing and if we learn that a customer’s data has been accessed without their authorization, we will notify them directly with more information.”

In a blog post published on October 6th, 23andMe confirmed that the data included in the previous leak was legitimate and affected the platform’s DNA Relatives feature, which lets users match with other potential genetic relatives on 23andMe.

At the time, 23andMe said it found no sign of a security incident within its systems, adding that the hacker was able to access users’ accounts using “recycled” login credentials that were exposed in other hacks.

This most recent leak involves the DNA Relatives feature as well, potentially enabling the hacker to scrape the information belonging to the relatives that an account has matched with.

The sources for this piece include an article in TheVerge.


Related articles

Google’s Gemini AI caught scanning private Google Drive documents without permission

Google's Gemini AI has come under fire for scanning private PDF documents in Google Drive without user consent....

Massive AT&T breach in 2022 one of the largest private communications data breaches

AT&T announced a significant data breach affecting nearly all of its mobile phone customers, marking one of the...

Security research team claims to have helped avert a major supply chain attack

JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious...

Phishing attacks on state and local governments surge by 360%

Phishing attacks targeting state and local governments have surged by 360% between May 2023 and May 2024, according...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways