|
December 5, 2023 – In an SEC filing, the company known as 23andMe has stated that it experienced a data breach exposing the account information for a subset of its customers. While the initial data breach was relatively small, only involving 14,000 of the company’s accounts, the damage was actually much more widespread. That’s because it also included data on the relatives of those account holders. By the time those people are included, the data breach extended to 6.9 million people.
23andMe uses DNA tests to determine a person’s ancestry. They allow anyone to purchase a DNA test and then provide them a wide variety of information based on the results. This includes ancestral information. Subscribers to the service have the ability to opt-into a program that allows them to find DNA relatives (a service they call DNAR) that have also used 23andMe.
This particular data breach was a result of hacking that targeted DNAR accounts. This allowed the hackers to access data on millions of people who weren’t directly impacted by the data breach. In response, the company has implemented two-factor authentication on all of its accounts and asked users to change their passwords.
The data obtained in the hack includes the account information on hacked accounts along with biometric data.
ACCESS is advising anyone who has used 23andMe to closely monitor their accounts for fraudulent activity.
Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.
|
Fraud and Scams 
