Genetic testing firm 23andMe has been investigating a security incident after hackers marketed a trove of alleged stolen consumer knowledge on a hacking discussion board final week. However the alleged stolen knowledge might have been circulating for for much longer than first recognized.
information.killnetswitch has additionally discovered that a few of the marketed stolen knowledge matches recognized 23andMe consumer info.
On August 11, a hacker on a recognized cybercrime discussion board known as Hydra marketed a set of 23andMe consumer knowledge that matches a few of the knowledge leaked final week on one other hacking discussion board known as BreachForums.
The hacker claimed within the earlier publish on Hydra to have 300 terabytes of stolen 23andMe consumer knowledge, and mentioned they contacted 23andMe, “however as a substitute of taking the matter severely, they requested irrelevant questions.” The hacker requested for $50 million for the information, and claimed they might solely promote it as soon as, but in addition supplied to promote solely a subset of information for between $1,000 and $10,000.
However not less than one particular person noticed the Hydra publish and publicized it on the open web lengthy earlier than information of the leak was reported final week. On the identical day because the Hydra discussion board publish, a Reddit consumer wrote on the 23andMe unofficial subreddit, alerting different customers of the alleged breach.
Within the Hydra publish, the hacker shared the alleged genetic knowledge of a senior Silicon Valley govt, which contained the identical consumer profile and genetic knowledge present in one of many datasets marketed final week on BreachForums, although the 2 datasets are structured otherwise. The datasets marketed on BreachForums allegedly include a million 23andMe customers of Jewish Ashkenazi descent and 100,000 23andMe Chinese language customers.
23andMe has repeatedly declined to verify whether or not the leaked knowledge is official. The corporate declined to reply a collection of questions for this story, together with whether or not it was conscious of this hacking discussion board publish from two months in the past.
Katie Watson, 23andMe’s spokesperson, advised information.killnetswitch that “this matter is the topic of an ongoing investigation. We can’t remark additional at the moment.”
Contact Us
Do you could have extra details about the 23andMe incident? We’d love to listen to from you. You may contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Telegram, Keybase, and Wire @lorenzofb, or e mail lorenzo@techcrunch.com. You too can contact information.killnetswitch by way of SecureDrop.
Basically, 23andMe is blaming customers for re-using passwords, and saying the leak was brought on by hackers stepping into these customers’ accounts after which scraping their knowledge, together with the sufferer’s relations.
The corporate has additionally pointed to a selected function which will clarify how hackers amassed a lot knowledge. 23andMe has an opt-in function known as DNA Family members, which permits customers to look within the accounts of different customers who’ve additionally opted-in to the function.
It’s unclear if all of the marketed knowledge is official, or how a lot official knowledge hackers really possess. It’s not unusual for hackers to magnify what knowledge they’ve with a view to improve the prospect of promoting it on hacking boards.
Within the meantime, 23andMe has prompted all customers to reset and alter their passwords on Monday night, and inspired them to activate multi-factor authentication. information.killnetswitch spoke to 2 23andMe customers, one who acquired the password reset e mail, and one who didn’t. The latter was, nonetheless, compelled to vary their password once they went to log into their 23and me account.
