23andMe Cyberbreach Exposes DNA Data, Potential Family Ties

The information leaked in the breach involves personally identifiable information as well as genetic ancestry data, potential relatives, and geolocations.

Dark Reading Staff, Dark Reading

October 6, 2023

1 Min Read
Concept of DNA closeup
Source: Alex Kotelnikov via Alamy Stock Photo

23andMe, the popular DNA testing company, has launched an investigation after client information was listed for sale on a cybercrime forum this week.

On Oct. 1, a post was published on the forum with a link to a sample of allegedly "20 million pieces of data" from the genetic testing company, claiming that it was "the most valuable data you'll ever see." The first leak included 1 million lines of data, but on Oct. 4, the threat actor began offering bulk data profiles ranging from $1 to $10 per account in batches of 100, 1,000, 10,000, and 100,000 profiles. 

The information leaked in the breach includes names, usernames, profile photos, gender, birthdays, geographical location, and genetic ancestry results. 

23andMe has confirmed that the data is legitimate and stated that "the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data," meaning that recycled login credentials accessed from other cyber incidents were used to gain access to accounts with the DNA company.

According to other reports of the breach, many of the compromised accounts were those that had opted into the "DNA Relatives" feature available on the 23andMe platform. The threat actor accessed a limited number of accounts and "was able to scrape data associated with potential relatives," company officials said. 

The scope of the breach remains unclear, and it is unknown whether the threat actors have been in contact with 23andMe directly.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights