I want to alert you to some troubling news regarding the DNA Ancestry company, which recently suffered a security breach. To ensure the safety of your information, it is imperative to undertake certain protective measures. If your email account is associated with both DNA Ancestry and 23andMe, it’s vital to change your password, ensuring it’s both unique and secure. Additionally, updating your password on 23andMe.com at your earliest convenience is advisable. We comprehend the significance of your data’s privacy and safety, urging you to enact all feasible precautions to secure it. For any inquiries or concerns on this matter, feel free to contact us anytime.
A hacker has reportedly accessed multiple user profiles on the genetic testing platform, 23andMe.com, potentially unveiling sensitive personal data. The scope of exposed data depends on the user’s chosen services and plans, as well as the hacker’s method of access. This could include details like name, sex, birth year, current location, along with certain genetic and health information.
23andMe has been informing its users about the incident through its blog. On October 9, the company indicated that the breach seems to have occurred due to users reusing login credentials that were compromised on other platforms, rather than a system breach on 23andMe’s end.
Intriguingly, the attacker also accessed data of users who weren’t directly compromised but had activated the DNA Relatives feature, thereby broadening the breach’s impact. This feature allows matched users to share certain information, causing a more extensive data exposure even when one party had a secure password.
The hacker has purportedly listed the acquired data for sale on a dark web forum, with specific datasets including one million Jewish Ashkenazi users and 100,000 people of Chinese descent.
In retaliation, 23andMe has launched various measures to strengthen user security. They’ve enforced password resets for all users, advocated for multi-factor authentication (MFA) usage, and are persistently investigating the incident with the aid of external forensic experts and federal law enforcement officials.
Users are counseled to augment their account security by employing strong, unique passwords, enabling MFA, and vigilantly monitoring their financial activities to promptly detect any unauthorized actions. This incident accentuates online privacy’s importance, urging a reassessment of data sharing practices on 23andMe and other online platforms.
This situation starkly highlights online privacy risks, underscoring the essentiality of robust, unique passwords, particularly when handling sensitive information like genetic data on platforms such as 23andMe. Users are encouraged to adhere to the suggested security practices, irrespective of their usage of 23andMe, to safeguard their privacy and personal information online.
For added protection, users might contemplate closing old accounts and utilizing online protection tools to manage and secure their digital identities, making the 23andMe incident a valuable lesson for amplifying online privacy and security moving forward.
