23andMe confirms stolen user data

发布时间：2025-04-27 05:17:31

A group of 23andMe users' data was stolen by hackers and posted for sale on BreachForum, Wired reported.

On Friday (Oct. 6), the company confirmed that data was compromised, but said that there wasn't a data breach. Instead, the hackers guessed the logins for users and then used DNA Relatives, an opt-in 23andMe feature where users share information with each other, to gather more data.

SEE ALSO: Discord.io suffers massive data breach, announces closure

The stolen data appears to be a targeted attack on Ashkenazi Jews as the hacker who posted the sample data on BreachForum, "claimed it contained over one million data points about exclusively Ashkenazi Jews," according to Wired. Additionally, hundreds of thousands of users of Chinese decent had their data leaked.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

“We were made aware that certain 23andMe customer profile information was compiled through access to individual 23andMe.com accounts,” the company said in a statement to Wired. “We believe that the threat actor may have then, in violation of our terms of service, accessed 23andme.com accounts without authorization and obtained information from those accounts.”

The hacker is selling 23andMe data profiles for between $1 to $10 and the sample data includes Mark Zuckerberg, Elon Musk, and Sergey Brin. These profiles include name, sex, birth year, and some additional genetic information. But 23andMe told Wired that, while data was compromised, the sample data has not been verified by the company.