Data Breach

23andMe (Full Disclosure) Data Breach

6.9M records exposed • October 2023

23andMe got hacked and the full scope was worse than first reported. Nearly 7 million people's DNA and ancestry information was stolen. You can change your password, but you cannot change your DNA.

What Happened

23andMe initially reported a small breach but later disclosed that 6.9 million users were affected. The stolen genetic data has permanent privacy implications.

Attack method: Credential stuffing

What Data Was Exposed

Genetic ancestry data, Names, Birth years, Locations, Family trees, DNA Relatives matches

Is your business exposed?

What to Do If You're Affected

1.
Enable two-factor authentication
2.
Opt out of DNA Relatives if concerned
3.
Request data deletion if desired

Lessons for Businesses

• Genetic data breaches have lifelong implications
• Initial breach estimates often grow
• Credential stuffing works against reused passwords

Sources

https://blog.23andme.com/articles/addressing-data-security-concerns

Related Breaches

23andme

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required