Home 23andMe breach exposed data of millions of users, not 14,000

23andMe breach exposed data of millions of users, not 14,000

Genetic testing company 23andMe disclosed late Saturday that its recent data breach impacted significantly more customers than previously reported, according to a recent TechCrunch report. Originally stating that the breach compromised the personal data of only 14,000 individuals, 23andMe has now confirmed that nearly 7 million customers were impacted.

In an email to TechCrunch, 23andMe spokesperson Katie Watson stated that in addition to the 14,000 direct account breaches, the hackers could access profile information for 5.5 million customers who used the DNA Relatives feature. This feature lets people connect and share ancestry information with genetic relatives in the 23andMe database. Due to the interconnected nature of this service, the data exposed included names, birth years, relationship labels, percentage of shared DNA, ancestry reports, and self-reported locations.

Watson confirmed that profile data was accessed for another 1.4 million users

Additionally, Watson confirmed that profile data was accessed for another 1.4 million DNA Relatives users, including display names, relationship labels, birth years, locations, and sharing preferences. Combined with the 14,000 known direct account breaches, 23andMe now acknowledges that personal information was obtained for over 6.9 million individuals – nearly half of its total reported customer base.

Why were these numbers not reported at first?

The company has not clarified why these significantly higher numbers were not reported initially when it first disclosed the breach in early October. At that time, a hacker posted stolen 23andMe customer data on a hacking forum as proof of the breach. TechCrunch’s analysis found that some of the published records matched with public genetic data, suggesting authenticity.

23andMe maintains that the breach was enabled by customers reusing passwords compromised in other security incidents. By brute-forcing access to accounts protected by common, previously breached passwords, the hackers exploited the connections within the DNA Relatives network to access information about relatives as well.

The scale of the 23andMe breach was amplified exponentially due to this relative-matching feature.

Security experts emphasize the importance of using unique passwords across different accounts and enabling multi-factor authentication whenever possible. 23andMe stated it has implemented additional protections going forward, but the sensitive personal information of millions has already been exposed.

Featured Image Credit: GoogleDeepMind; Pexels

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Radek Zielinski
Tech Journalist

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.