23andMe Admits Major Data Breach as Hackers Access Ancestry Information of Millions
Genetic testing giant 23andMe has admitted in a SEC filing that it has suffered a massive breach that has exposed the ancestry information of millions of customers utilizing the DNA Relatives feature.
Engadget reports that 23andMe, a popular genetic testing and analysis company, recently admitted it experienced a major data breach. According to an SEC filing, this breach affected a portion of the company’s user base, specifically targeting the opt-in DNA Relatives (DNAR) feature. This feature, designed to match users with genetic relatives, was exploited by hackers to access the accounts of about 14,000 of the 14 million total customers, representing roughly 0.1 percent of 23andMe’s user base.
Although the number of compromised accounts was small, the attackers managed to access the DNAR profiles of approximately 5.5 million customers. Additionally, they obtained Family Tree profile information from 1.4 million participants in the DNA Relatives program. These profiles contain sensitive details including display names, locations, shared DNA percentages, family names, predicted relationships, and ancestry reports. It’s also noted that Family Tree profiles include other voluntarily added information such as birth year and location.