Earlier this month, on October 6, a cybercriminal exposed a trove of user data stolen from the genetic testing giant 23andMe. The same malicious actor has struck again and disclosed an additional 4.1 million genetic records of people.
Using the pseudonym ‘Golem’, the cybercriminal leaked the data on the infamous cybercrime forum BreachForums. An investigation by TechCrunch found that some of the leaked data matched public 23andMe records.
Golem claims that the data contains the genetic information of some of the “wealthiest people living in the US and Western Europe”, including the Rothschilds and the Rockefellers.
Andy Kill, the spokesperson of 23andMe, said that the company is still “reviewing the data to determine if it is legitimate.”
“Our investigation is ongoing, and if we learn that a customer’s data has been accessed without their authorization, we will notify them directly with more information,” the company told BleepingComputer.

23andMe claims that, in reality, only a few customers’ accounts were breached. However, many users have opted for the DNA Relatives feature, exposing much more information.
On October 6, 23andMe’s servers were breached, and the data was stolen. The threat actor employed credential stuffing, a technique in which cybercriminals try combinations of emails and passwords that are publicly available from previous breaches.
23andMe attributed the breach to reused passwords.
In response to that incident, 23andMe urged users to change their passwords and opt for multi-factor authentication. The company also engaged with a third-party forensic expert to trace the leak.
This breach raised several questions, chiefly what techniques other than credential stuffing the threat actor used and how much data the cybercriminal still holds.
The hacking seems to have been in progress for several months. TechCrunch discovered that on August 11, cybercriminals on the Hydra cybercrime forum leaked some 23andMe data. This data matched the October 6 leak.
Experts are still unclear on how much data the cybercriminal possesses and the extent of the breach. The company has no answers either.