1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • 23andMe hackers accessed a whole lot of user's personal data

    From TechnologyDaily@1337:1/100 to All on Mon Dec 4 16:15:05 2023
    23andMe hackers accessed a whole lot of user's personal data

    Date:
    Mon, 04 Dec 2023 16:11:31 +0000

    Description:
    The company's filing with the SEC unveils more concerning details about the 23andMe October data breach.

    FULL STORY ======================================================================

    Biogenetics company 23andMe has submitted a new filing with the U.S. Securities and Exchange Commission (SEC) detailing the data breach it
    suffered in early October 2023.

    In the filing, the company said that the threat actors accessed data on 0.1% of its customer base - roughly 14,000 individuals if the company's recent claim to have more than 14 million customers worldwide in a recent annual earnings report is to be believed.

    But it gets a bit more complicated than that. 23andme is a genetics testing and ancestry company and sometimes users share this data with other accounts via the DNA Relatives feature. Consequently, the attackers accessed a significant number of files containing profile information about other users ancestry that such users chose to share. Credential stuffing

    The explanation is vague, so we dont know exactly how many files were accessed, or how many other users were affected. But what is known is that a threat actor tried to sell millions of data pieces belonging to 23andMe on
    the dark web. The company later confirmed the datas authenticity, saying a hacker most likely used credential stuffing (trying an infinite amount of username/password combinations) to access its systems.

    The stolen data generally included ancestry information, and, for a subset of those accounts, health-related information based upon the users genetics.
    Most people have had their profile information and certain information
    stolen, the company said, in a previous, equally vague announcement.

    Previous media reports said the database included origin estimation,
    phenotype and health information, photos and identification data, raw data, and some other account information.

    The dark web leak reportedly contained one million lines of data for
    Ashkenazi people (via Bleeping Computer ), also affecting more than 300,000 users of Chinese descent (via The Record ).

    Via TechCrunch More from TechRadar Pro Millions more 23andMe records leaked online Here's a list of the best firewalls today These are the best endpoint protection software right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/23andme-hackers-accessed-a-whole-lot-of -users-personal-data


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)