On the dark web, hackers are selling thousands of dollars’ worth of 23andMe customer details, including names, photos, birth dates, and ethnicities.
23andMe said the data was gathered from credentials exposed in prior data breaches, and its security systems have not been compromised.
According to the company's investigation, the login credentials used in these access attempts appear to have been gathered by a threat actor from data leaked during incidents involving other online platforms where users recycled login credentials. In a technique known as “credential stuffing,” the hackers tried the leaked username-password combinations against 23andMe accounts.
A Reddit post first alerted the company to the attack. Since then, hackers have been hawking the data on the cybercrime marketplace BreachForums.
Earlier this week, an anonymous seller posted a listing on BreachForums claiming to have access to DNA profiles of various individuals, including “world-renowned business tycoons and secretive dynasties.” The seller also mentioned that the data included corresponding email addresses. This information was re-posted on X. According to Wired, the provided sample data supposedly includes entries for prominent tech executives such as Mark Zuckerberg, Sergey Brin, and Elon Musk. However, it is uncertain whether these entries are authentic. The company responsible for this data is led by Anne Wojcicki, sister of former YouTube CEO Susan Wojcicki and ex-wife of Sergey Brin.
The seller offered profile bundles starting at $1,000 for 100 profiles and going all the way up to $100,000 for 100,000 profiles, with incremental payment options for each bulk purchase of 10,000 profiles.
According to a post on BreachForums, which was also reposted to X, the data contained “half of 23andMe’s members.” However, the company has yet to confirm how many accounts were compromised.
The company believes that, despite having access to a much smaller number of accounts, the hackers were able to scrape the data of several other 23andMe users through a feature called DNA Relatives. By using the feature, users can connect with others with whom they share a “recent ancestor,” which the company defines as less than nine generations back.
23andMe did not specify if the attack targeted a specific ethnic group. According to a post on BreachForums, the data sample was labeled as “1 million Ashkenazi database” earlier this week. However, the company clarifies that an individual can be considered Ashkenazi Jew even with just 1% Jewish ancestry. The DNA Relatives feature is expected to show more matches for those with European or Ashkenazi heritage compared to those with Asian or Middle Eastern ancestry, as stated on 23andMe’s website. Additionally, Wired reported that there could be “hundreds of thousands of users of Chinese descent” impacted by the leak.
In 2006, 23andMe made waves for its saliva tests that could reveal genetic predispositions, ancestry, and inherited characteristics. The company, which shares anonymized user data with third parties with users' consent, encourages users to enable multi-factor authentication in order to prevent further attacks.
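For defenders, the credential stuffing pattern described above leaves a recognizable trace in authentication logs: one source tries many different accounts, most attempts fail, and the few that succeed are the accounts with reused passwords. The following is an added example, not code from 23andMe or from the original article; the log format, thresholds, addresses and account names are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format: "<ISO timestamp> ip=<addr> user=<account> result=ok|fail"
LINE = re.compile(r"(\S+) ip=(\S+) user=(\S+) result=(ok|fail)")

def parse(log_text):
    """Yield (timestamp, ip, user, succeeded) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE.fullmatch(line.strip())
        if m:  # skip malformed lines instead of crashing
            ts, ip, user, result = m.groups()
            yield datetime.fromisoformat(ts), ip, user, result == "ok"

def detect_stuffing(log_text, window=timedelta(minutes=10),
                    min_users=8, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct accounts, mostly failing,
    inside one time window. Returns {ip: accounts that logged in OK}."""
    by_ip = defaultdict(list)
    for event in sorted(parse(log_text)):
        by_ip[event[1]].append(event)
    flagged = {}
    for ip, events in by_ip.items():
        start = 0
        for end in range(len(events)):
            # Slide the left edge until the span fits inside the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            span = events[start:end + 1]
            users = {e[2] for e in span}
            fails = sum(1 for e in span if not e[3])
            if len(users) >= min_users and fails / len(span) >= min_fail_ratio:
                # Successes from a flagged source are the reused passwords:
                # these accounts need a forced reset and session revocation.
                flagged[ip] = sorted({e[2] for e in events if e[3]})
                break
    return flagged

def sample_log():
    """Constructed sample data, not real traffic."""
    lines = [f"2023-10-01T12:00:{i:02d} ip=203.0.113.7 user=u{i:02d}@example.com "
             f"result={'ok' if i == 5 else 'fail'}" for i in range(12)]
    # One person mistyping their own password, then succeeding: not flagged.
    lines += [f"2023-10-01T12:01:0{i} ip=198.51.100.20 user=bob@example.com "
              f"result={'ok' if i == 3 else 'fail'}" for i in range(4)]
    return "\n".join(lines)

if __name__ == "__main__":
    print(detect_stuffing(sample_log()))
```

Grouping by source address is only a baseline, since attempts spread across many addresses will not trip a per-source threshold; the same windowed logic can be keyed on other request attributes a service records.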