October 19, 2023 at 04:47PM
A threat actor known as Golem has released a new dataset containing the records of over 4 million people’s genetic ancestry, including information on wealthy individuals in the US and Western Europe, after compromising the 23AndMe site. 23andMe is still verifying the authenticity of the leaked data. The breach was likely caused by a credential stuffing cyberattack, with recycled login credentials being used.
Summary:
A threat actor known as Golem has claimed responsibility for the recent compromise of the 23AndMe site and has released a new dataset containing records of over 4 million people’s genetic ancestry. Golem alleges that the stolen data includes information on the wealthiest individuals in the US and Western Europe. 23andMe is currently trying to confirm the authenticity of the leaked data. Golem previously claimed to possess a total of 20 million individual pieces of 23andMe data and leaked 1 million lines of data as a teaser while offering to bulk sell data profiles. 23andMe has confirmed that users who opted to share information through its “DNA Relatives” feature were impacted. The company believes that the breach was a result of a credential stuffing cyberattack, where threat actors used recycled login credentials that had been compromised in previous hacks.