Hacker leaks millions more 23andMe user records on cybercrime forum

In Data Breach News, News
October 19, 2023
Hacker leaks millions more 23andMe user records on cybercrime forum

The same individual, “Golem,” who leaked DNA data from 23andMe on BreachForums has now leaked even more data. While the original leak was described as relating to Ashkenazi Jews, the newest leak of more than 4 million records was described as being users from Great Britain and Germany, including data from “the wealthiest people living in the U.S. and Western Europe on this list.”

When the first dataset was leaked earlier this month, 23andMe issued a statement saying that there was no breach of their system and it appeared that this was a “credential stuffing” attack, i.e., the attackers had obtained login credentials from other sites. Calling it a credential stuffing attack blames the users for having reused passwords across sites. A spokesperson for 23andMe says they are investigating the current dataset to see if it is valid data.

As TechCrunch reports:

In response to the incident, 23andMe prompted users to change their passwords and encouraged switching on multi-factor authentication. On its official page addressing the incident, 23andMe said it has launched an investigation with help from “third-party forensic experts.” 23andMe blamed the incident on its customers for reusing passwords, and an opt-in feature called DNA Relatives, which allows users to see the data of other opted-in users whose genetic data matches theirs. If a user had this feature turned on, in theory it would allow hackers to scrape data on more than one user by breaking into a single user’s account.