June 14, 2024


We curate, you explore: making sense of global trends.

Insights from SEC Filing: 23andMe Data Breach Exposed 0.1% of User Accounts

2 min read
NEWS building city business event global crisis insight economic analysis enviromental living world lifestyle (12)

23andMe Data Breach Exposes 0.1% of User Accounts

23andMe, a leading DNA testing company, recently revealed the extent of a data breach that affected a small percentage of its user accounts. The breach, initially disclosed in October, raised concerns about the security and privacy of sensitive genetic and personal information. Let’s delve into the details revealed by the recent SEC filing and its implications for 23andMe users and the company.

The Scope of the Breach

The SEC filing disclosed that approximately 0.1% of 23andMe’s userbase, equating to about 14,000 accounts out of 14 million, were affected by the data breach. It was determined that hackers were able to exploit the company’s DNA Relatives feature, accessing profile and ancestry information of a subset of users. The breach did not compromise genetic testing results, but it did expose ancestry and, in certain cases, health-related information based on users’ genetics.

Method of Attack

The breach was the result of a credential-stuffing attack, a technique where hackers used login credentials obtained from previous data breaches on other platforms to gain unauthorized access to 23andMe accounts. As a consequence, a significant number of files containing profile information about users’ ancestry was accessed and shared online by the threat actors.

Company’s Response and Further Actions

Following the discovery of the breach, 23andMe promptly advised affected users to change their passwords and subsequently implemented two-factor authentication for all its customers. The company has completed its investigation and is in the process of notifying all affected users. Additionally, 23andMe expressed its belief that the threat actor activity has been contained and is actively working to remove the publicly-posted information.

Key Points:

– 23andMe’s SEC filing revealed that 0.1% of its userbase, approximately 14,000 accounts, were affected by the data breach.
– Hackers exploited the DNA Relatives feature to access profile and ancestry information of certain users.
– The breach did not compromise genetic testing results but exposed ancestry and, in some cases, health-related information based on users’ genetics.
– The attack was initiated through a credential-stuffing technique using login credentials from other breached websites.
– 23andMe has advised affected users to change their passwords, introduced two-factor authentication, and is currently notifying all affected individuals.

The identification and swift response to the breach by 23andMe demonstrate the importance of robust security measures in safeguarding sensitive user information. As data breaches continue to pose a significant threat, it’s imperative for companies and users alike to prioritize cybersecurity to mitigate such risks and protect personal data from unauthorized access.

Step into the vibrant world of Neom.nu art. Begin your journey here 🖼!

Leave a Reply

Your email address will not be published. Required fields are marked *

All publications and content on this platform are intended for informational and entertainment purposes only. Trendverce.eu does not provide legal, financial, or professional advice. We work to ensure that all information is accurate and updated to the best of our abilities; however, there may be omissions, errors, or outdated facts. Use our insights at your own discretion and consult with professional advisors for any decisions. Copyright © All rights reserved. | Newsphere by AF themes.