2023-10-09 13:10:37
Website hackers BreachForums stole and put for sale on the dark web personal data of seven million customers of the genealogical testing company 23andMe. This is a Californian company specializing in genetic testing which offers customers the opportunity to know their origins and their health risks (see Business around genetic testing: 23andMe sells the rights to a drug; 23andMe comes to sell all its genetic data to the pharmaceutical industry). The stolen data includes a “ estimate of origin », phenotype, health information, photos and identification data.
The hackers targeted the data of a million users of Ashkenazi Jewish origin as well as hundreds of millions of people of Chinese origin. Other data was also stolen through one of the optional features of 23andMe« DNA Relatives “, which allows users to connect with potential parents who share similar DNA. This stolen data is sold for a value of $1 to $10 per account.
An investigation has been opened. According to the company 23andMe, its systems were not violated (see 23andMe: Towards protection of genomic data?). On the other hand, the pirates would have “ was able to access some accounts in cases where users recycled their login credentials – that is, the usernames and passwords used on 23andMe.com were the same as those used on other other websites that have already been hacked », defended the company in a press release. This is a hacking technique called “ credential stuffing ».
Sources : The Washington Times, Brad Matthews (07/10/2023) ; The Epoch Times, Aldgra Fredly (08/10/2023) – Photo : iStock
1696861489
#Hackers #steal #data #genealogy #testing #company #23andMe