At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews::At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it’s working to verify the data.

  • /home/pineapplelover@lemm.eeEnglish
    36·
    9 months ago

    Yeah I knew submitting dna samples to companies wasn’t a good idea because they give data to police departments but it didn’t occur to me to use it to target minorities.

    • huginn@feddit.itEnglish
      6·
      9 months ago

      The accounts compromised were ones that had reused their passwords and the only way to get genomic data from an account is for a link to be sent to your email account.

  • Asymptote@lemmy.dbzer0.comEnglish
    26·
    9 months ago

    “We believe that the threat actor may have then, in violation of our terms of service, accessed 23andme.com accounts without authorization and obtained information from those accounts.”

    Good to know that these cybercriminals not only skirted the law but also the TERMS OF SERVICE. Must be hardened types to go and break ToS.

  • Ozymati@lemmy.nzEnglish
    121·
    9 months ago

    Credential stuffing attack. Who wants to wager that the compromised accounts had a LastPass and have never changed their password?

    • AkasazhEnglish
      41·
      9 months ago

      The full picture of why the data was stolen, how much more the attackers have, and whether it is actually focused entirely on Ashkenazim is still unclear.

      From the article, the title is obviously overstated for effect