Thursday, July 18, 2024
RSS

Hackers advertised 23andMe stolen data two months ago

Imagine the shock and concern that 23andMe users experienced when news broke that hackers had stolen and advertised their personal data on a hacking forum. However, it has recently come to light that this breach may have been even more widespread than initially believed. TechCrunch discovered that some of the advertised stolen data matches known 23andMe user information, suggesting that this breach may have originated two months ago. The hacker claimed to possess a massive amount of stolen user data and demanded a hefty sum in exchange for its return. While 23andMe has not confirmed the legitimacy of the leaked data, they have urged all users to reset their passwords and activate multi-factor authentication as a precautionary measure. This incident serves as a stark reminder of the importance of taking steps to safeguard our personal information in an increasingly interconnected digital world.

Hackers advertised 23andMe stolen data two months ago

This image is property of techcrunch.com.

Hackers advertised 23andMe stolen data two months ago

Two months ago, hackers made the disturbing announcement that they had stolen user data from the genetic testing company 23andMe. This incident was brought to the attention of the public when a hacker on a known cybercrime forum called Hydra advertised a set of 23andMe user data that matched some of the data leaked last week on another hacking forum called BreachForums. The hacker claimed to possess 300 terabytes of stolen 23andMe user data and even contacted the company about it. However, instead of taking the matter seriously, 23andMe apparently asked irrelevant questions. The hacker then demanded $50 million for the data and offered to sell it in subsets for a lesser amount between $1,000 and $10,000.

Hacker on known cybercrime forum advertised stolen 23andMe user data

The hacker’s announcement on the Hydra forum was not the only place where this stolen data was being discussed. A Reddit user who goes by the username “Reddit user” saw the Hydra post and immediately alerted fellow users on the unofficial 23andMe subreddit about the alleged breach. This Reddit post appeared on the same day as the hacker’s announcement, further adding to the urgency of the situation.

Hackers advertised 23andMe stolen data two months ago

This image is property of images.unsplash.com.

Reddit user alerted others about the alleged breach

The Reddit user’s post on the 23andMe subreddit served as a warning to the community about the potential breach of their personal information. This individual was responsible for sharing the information from the Hydra forum and alerting others about the situation. Through their post, other users became aware that their data might have been compromised.

The hacker shared alleged genetic data of a senior Silicon Valley executive

Among the stolen data that the hacker shared, one particularly alarming piece was the alleged genetic data of a senior Silicon Valley executive. This genetic information was compared to one of the datasets advertised on BreachForums and was found to match the user profile and genetic data found in that dataset. This further confirmed the legitimacy of the stolen data and the potential severity of the breach.

Hackers advertised 23andMe stolen data two months ago

This image is property of images.unsplash.com.

Datasets advertised on BreachForums contain Jewish Ashkenazi and Chinese user data

The datasets that were being advertised on BreachForums contained a specific focus on certain ethnic groups. One dataset supposedly contained the genetic information of 23andMe users of Jewish Ashkenazi descent, totaling one million users. Another dataset claimed to have data from 100,000 23andMe Chinese users. This suggests that the hackers specifically targeted these particular groups, potentially leading to further concern among affected individuals.

23andMe declined to confirm whether the leaked data is legitimate

Despite the mounting evidence and speculation surrounding the legitimacy of the leaked data, 23andMe has chosen not to confirm its veracity. The company has been tight-lipped about the hacking forum post from two months ago and did not respond to questions regarding it. Instead, they simply stated that the matter was under investigation, providing no further details.

Hackers advertised 23andMe stolen data two months ago

This image is property of images.unsplash.com.

TechCrunch analyzed stolen data and found matches with public genealogy records

TechCrunch took it upon themselves to investigate the stolen data by comparing it to publicly available genealogy records. Through this analysis, they were able to find several dozen records that matched the information found in the stolen data. This further supports the claim that the stolen data is legitimate and raises concerns about the potential impact on individuals’ privacy.

23andMe blames users for reusing passwords and points to a specific feature

In response to the breach, 23andMe has shifted the blame onto its users. The company claims that the leak occurred due to users reusing passwords across different accounts. They point to a specific feature called DNA Relatives, which allows users to connect with others who have opted into the feature. 23andMe suggests that this feature may have been exploited by hackers to gain access to user accounts and scrape their data, including information about their relatives.

Hackers advertised 23andMe stolen data two months ago

Uncertainty regarding the legitimacy and amount of legitimate data hackers possess

Despite the evidence pointing to the legitimacy of the stolen data, there is still uncertainty surrounding its extent and accuracy. Hackers often exaggerate the data they possess in order to increase its value and chances of selling it. It remains unclear just how much legitimate data the hackers actually have in their possession.

23andMe prompts users to reset passwords and enable multi-factor authentication

To ensure the security of their users, 23andMe has taken measures to protect against further breaches. They have prompted all users to reset their passwords as a precautionary measure. Additionally, they strongly encourage users to enable multi-factor authentication, which adds an extra layer of security to their accounts. By taking these steps, 23andMe aims to safeguard their users’ personal information and prevent unauthorized access.

Some users received password reset emails and others had to change passwords

As part of their security measures, 23andMe sent out password reset emails to some users. These individuals were asked to change their passwords in order to further secure their accounts. Other users who attempted to log into their 23andMe accounts were also prompted to change their passwords, ensuring that all users take the necessary steps to protect their personal information.

Source: https://techcrunch.com/2023/10/10/hackers-advertised-23andme-stolen-data-two-months-ago/