Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
Carding News
Genetics firm 23andMe says user data stolen in credential stuffing attack
Message
<blockquote data-quote="Jakesu" data-source="post: 33" data-attributes="member: 7"><p>23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.</p><p></p><p>23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report.</p><p></p><p>Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell data packs belonging to 23andMe customers.</p><p></p><p><a href="https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/leak.png" target="_blank"><img src="https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/leak.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><table style='width: 100%'><tr><td>Initial leak of genetic data</td></tr></table><p>The initial data leak was limited, with the threat actor releasing 1 million lines of data for Ashkenazi people. However, on October 4, the threat actor offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased.</p><p></p><p><a href="https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/sale.png" target="_blank"><img src="https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/sale.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><table style='width: 100%'><tr><td>Selling stolen genetic data profiles in bulk</td></tr></table><p>A 23andMe spokesperson confirmed the data is legitimate and told BleepingComputer that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data.</p><p></p><p>"We were made aware that certain 23andMe customer profile information was compiled through access to individual 23andMe.com accounts," stated 23andMe's spokesperson</p><p></p><p>"We do not have any indication at this time that there has been a data security incident within our systems."</p><p></p><p>"Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials."</p><p></p><p>The information that has been exposed from this incident includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.</p><p></p><p>BleepingComputer has also learned that the number of accounts sold by the cybercriminal does not reflect the number of 23andMe accounts breached using exposed credentials.</p><p></p><p>The compromised accounts had opted into the platform's 'DNA Relatives' feature, which allows users to find genetic relatives and connect with them.</p><p></p><p>The threat actor accessed a small number of 23andMe accounts and then scraped the data of their DNA Relative matches, which shows how opting into a feature can have unexpected privacy consequences.</p><p></p><p>23andMe told BleepingComputer that the platform offers two-factor authentication as an additional account protection measure and encourages all users to enable it.</p><p></p><p>Users should refrain from reusing passwords and consistently employ strong, distinct credentials for every online account they have.</p></blockquote><p></p>
[QUOTE="Jakesu, post: 33, member: 7"] 23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack. 23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report. Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell data packs belonging to 23andMe customers. [URL='https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/leak.png'][IMG]https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/leak.png[/IMG][/URL] [TABLE] [TR] [TD]Initial leak of genetic data[/TD] [/TR] [/TABLE] The initial data leak was limited, with the threat actor releasing 1 million lines of data for Ashkenazi people. However, on October 4, the threat actor offered to sell data profiles in bulk for $1-$10 per 23andMe account, depending on how many were purchased. [URL='https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/sale.png'][IMG]https://www.bleepstatic.com/images/news/u/1220909/2023/Databases/11/sale.png[/IMG][/URL] [TABLE] [TR] [TD]Selling stolen genetic data profiles in bulk[/TD] [/TR] [/TABLE] A 23andMe spokesperson confirmed the data is legitimate and told BleepingComputer that the threat actors used exposed credentials from other breaches to access 23andMe accounts and steal the sensitive data. "We were made aware that certain 23andMe customer profile information was compiled through access to individual 23andMe.com accounts," stated 23andMe's spokesperson "We do not have any indication at this time that there has been a data security incident within our systems." "Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials." The information that has been exposed from this incident includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location. BleepingComputer has also learned that the number of accounts sold by the cybercriminal does not reflect the number of 23andMe accounts breached using exposed credentials. The compromised accounts had opted into the platform's 'DNA Relatives' feature, which allows users to find genetic relatives and connect with them. The threat actor accessed a small number of 23andMe accounts and then scraped the data of their DNA Relative matches, which shows how opting into a feature can have unexpected privacy consequences. 23andMe told BleepingComputer that the platform offers two-factor authentication as an additional account protection measure and encourages all users to enable it. Users should refrain from reusing passwords and consistently employ strong, distinct credentials for every online account they have. [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
Carding News
Genetics firm 23andMe says user data stolen in credential stuffing attack
Top