23andMe confirms hackers stole ancestry data on 6.9 million users | TechCrunch

in Steem Linkslast year (edited)


( December 4, 2023; TechCrunch )

Description: "Genetic testing company 23andMe revealed that its data breach was much worse than previously reported, hitting about half of its total customers."

Apparently, the accounts were compromised because their owners reused passwords that had already leaked on other sites. This is why security experts say to use a pasword manager and different passwords at every site.

Every year that goes by, I like the idea of DNA web sites less and less. I get the allure of genealogy. It's fascinating. But once your information leaks, it's out there forever, and it's impossible to imagine how it might be misused in 5 or 10 or 20 years (against the person whose DNA leaked or even against someone else in their family). OTOH, I guess it's getting easier and easier to just surreptitiously collect people's DNA in public places, so maybe a moot point.

Additional references can be found here:


From the article:

hackers accessed the personal information of about 5.5 million people who opted-in to 23andMe’s DNA Relatives feature, which allows customers to automatically share some of their data with others. The stolen data included the person’s name, birth year, relationship labels, the percentage of DNA shared with relatives, ancestry reports and self-reported location...

...another group of about 1.4 million people who opted-in to DNA Relatives also “had their Family Tree profile information accessed,” which includes display names, relationship labels, birth year, self-reported location and whether the user decided to share their information



Read the rest from TechCrunch: 23andMe confirms hackers stole ancestry data on 6.9 million users | TechCrunch

---


25% of this post's author rewards are being directed to @null for burning.

Check the #burnsteem25 tag to find authors who are helping to regulate the blockchain's inflation rate.


###### This markdown/html was auto-generated by the java Steem Links Creator prototype application.

Sort:  
 last year 

Yet one more reason to not put personal/sensitive information on any sort of internet-connected device. And what makes us a little bit annoyed is that the company saying that it was caused by the reuse of passwords. Are they trying to scapegoat us because they should have better password policies in place than to allow people to continue to reuse passwords?

Are they trying to scapegoat us because they should have better password policies in place than to allow people to continue to reuse passwords?

I was wondering about this claim. Half of their users had compromised accounts on other sites? Is that really plausible? I'm just speculating, but it seems to me like that this suggests some sort of relationship between 23andme and the site where the original compromise happened.

Upvoted. Thank You for sending some of your rewards to @null. It will make Steem stronger.