Millions of users had their data stolen by hackers. 23andMe has now confirmed the scope of its recent data breach, and the news is unfavorable.
23andMe Has Confirmed the Number of People Affected by its Data Breach
A total of 6.9 million users of the genetic testing site have been affected. According to 23andMe, although hackers initially accessed information for only 0.1 percent of its customers (14,000 users), this granted the same group access to the profile information of millions of other users through the service’s DNA Relatives feature. Users who opted in to this feature had given the site permission to automatically share some of their data with others.
Breaking it down, information for 5.5 million users was stolen, encompassing their name, birth year, relationship details, ancestry reports, self-reported location, and the DNA percentage shared with family. Additionally, data for another 1.4 million users, specifically related to their Family Tree, was also compromised. This includes names, birth years, relationships, and self-reported locations.
Considering 23andMe’s user base, which exceeds 14 million customers according to its 2023 financial results report, it seems that nearly half of their users have been impacted by this hack.
Unveiling the Timeline: From Initial Confirmation to Ongoing Safeguard
In October, 23andMe initially confirmed the data theft. Later in the month, when a hacker seemed to offer data for sale on 4 million users, the company stated that it was “reviewing the data” to ascertain its legitimacy.
In its most recent update on the hack, 23andMe mentioned that it is currently notifying customers who have been affected.
The company’s blog post states, “We have implemented measures to enhance the protection of customer data, such as mandating all existing customers to reset their password and requiring two-step verification for both new and existing customers. The company is committed to ongoing investments in safeguarding our systems and data.
In a significant development, 23andMe has officially disclosed the extent of the impact caused by its recent data breach, and regrettably, the revelations are far from positive. The company has confirmed that a substantial number of individuals have been affected by this security incident, marking a concerning breach of personal information.
According to reports from reliable sources such as TechCrunch, the breach has affected a total of 6.9 million users of the genetic testing site. This staggering figure underscores the magnitude of the breach and its potential implications for the affected individuals.
Providing further details, 23andMe explained that initially, only 0.1 percent of its customers, approximately 14,000 users, had their information accessed by the hackers. However, this initial breach enabled the same group to exploit the service’s DNA Relatives feature, gaining access to the profile information of millions of other users. Notably, those who had opted in for this feature had given the site permission to automatically share certain data with fellow users.