… a significant number of files containing profile information about other users’ ancestry.Genetic testing company 23andMe explaining customer information that hackers accessed in a cyber attack in October.
Why It Matters: 23andMe disclosed a data breach in early October, and while who is behind the attack remains unknown to the public, about half of the company’s 14 million customers have been impacted by the hacking – in some cases compromising information including names, birth year, percentage of DNA shared with relatives, and self-reported locations. The hackers were able to first access a smaller percentage of accounts through using “old passwords that 23andMe customers had used on other sites that had been compromised,” The New York Times explains; the hacker was then able to access other accounts connected to the compromised accounts (e.g., relatives). Following the incident’s detection, 23andMe required all customers to reset their passwords, and “now requires all new and existing customers to login using two-step verification.”
by Emily Hooker, based in Texas