The genetic testing firm 23andMe, recently confirmed a security incident in which user data from their platform was found on hacker forums. This breach was the result of a credential-stuffing attack1. A portion of 23andMe's user data was leaked and offered for sale on the dark web.
The first data leak was smaller, with the threat actor releasing one million data entries belonging to Ashkenazi2 individuals. However later on, the hacker began selling data profiles in bulk, pricing them between $1 to $10 per 23andMe account.
A spokesperson for 23andMe has confirmed the legitimacy of the data and explained that the threat actors obtained access to 23andMe accounts by using compromised login credentials from other breaches.
The exposed information includes full names, usernames, profile photos, gender, date of birth, genetic ancestry results, geographical location and more.
The compromised accounts were those that had opted into 23andMe's 'DNA Relatives' feature, which allows users to identify genetic relatives and connect with them. This incident highlights how opting into certain features can lead to unintended privacy consequences.
This incident also highlights the fact that users should think twice before sharing any type of information with services, especially if the information in question is sensitive and directly tied to you, such as health information, biometrics or DNA..
All 23andMe users should promptly reset their passwords to something unique, impossible to guess, and that they’ve never used on other sites before, as well as turn on two-factor authentication for added protection.
Credential stuffing is a cyberattack technique in which an attacker uses a large set of usernames and passwords (often obtained from previous data breaches) to gain unauthorized access to user accounts on various online services or websites. This attack takes advantage of the fact that many individuals reuse the same login credentials (username and password) across multiple online platforms.
Ashkenazi refers to a Jewish ethnic group with a distinct cultural and genetic heritage. Ashkenazi Jews are primarily descended from the Jewish communities that settled in Central and Eastern Europe, particularly in what is now Germany, Poland, Russia, and Ukraine. The name "Ashkenazi" is derived from the Hebrew word "Ashkenaz," which was historically associated with the Scythians and may have referred to the region around the Rhine River in Germany.