The company that offered genetic tests suffered a major hack in 2023. A hacker attack about which we are still learning today!
The American specialist in genetic testing suffered a major attack last year, due to which the data of several million people ended up in the wild. And at the beginning of January, 23andMe created controversy by placing part of the responsibility for this hack on the habits of its customers. However, the culpability could be much more on the company’s side, as this new information shows.
A breach from April
This will restart the discussions. A legal document filed by 23andMe tells us more about the hack suffered last September by the Californian firm. The latter would in fact have taken place many months before its discovery.
The first breach took place at the end of April, before being exploited for several months, until September. In total, the genetic profiles of 5.5 million customers of the Family Tree service, and 1.4 million customers of the DNA Relatives option, were collected by the attackers.
23andMe hadn’t seen the ad
As a reminder, we had to wait until October and the posting by an Internet user on the 23andMe subreddit of a sample of the stolen data for the company to realize this famous hack.
However, the pirates had made no secret of their attacks, since they had communicated the results of their offensive on a hacker forum in August. Beyond identity information, such as the name or date of birth of customers, health data and data on their ancestors had thus fallen into the hands of the hackers. And so, without this reaching the ears of anyone at 23andMe!
Source : Engadget
1