Hacker Claims Sale of Millions of 23andMe’s Customers' Genetic Profiles
DC elections board probes RansomedVC claims, UK ICO raps Snap over AI chatbot privacy, THORSwap halted illicit funds transfer, Stars Arena drained of $3m, Huobi hacker earns $400k bounty, much more
An anonymous hacker is claiming to be selling “millions” of genetic profiles cobbled together from hijacked genetic testing company 23andMe’s customer accounts, starting with a batch that would contain data of those with Jewish ancestry.
The seller suggested the profiles, which include email addresses, photos, gender, date of birth, and DNA ancestry, could be used to target users based on their ethnicity. The data does not include genomic details, which are especially sensitive. The usernames are often something other than full legal names.
However, a spokesperson said the company found no indication of a breach in its information systems. Instead, it appeared the attacker had engaged in credential stuffing by logging into individual customers’ accounts on 23andMe by re-using credentials found in databases for …
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.