23andMe: Hackers breach data of 7 million users
Genetic Testing Firm 23andMe Confirms Massive Data Breach
In a shocking revelation, genetic testing company 23andMe has confirmed that hackers were able to breach the data of a staggering 6.9 million users, which accounts for about half of the company’s customer base.
The breach occurred through the exploitation of a feature called DNA Relatives, which allows users to find genetic relatives. The hackers gained access to 5.5 million profiles utilizing this feature, as well as family tree information from an additional 1.4 million profiles.
Disturbingly, the hackers were also able to obtain users’ ancestry reports, zip codes, and birth years, raising serious concerns about the security of personal information.
Protective Measures Taken
Following the breach, 23andMe has taken immediate action to safeguard customer data. All existing customers are now required to reset their passwords, and two-step verification has been implemented for both new and existing customers.
Initially, the company had reported that only 14,000 users were affected. However, it was later discovered that the hackers had employed a technique known as credential stuffing, reusing compromised usernames and passwords from other websites.
Despite the breach, 23andMe has stated that there have been no reports of inappropriate use of the leaked data. However, the company is diligently working to notify all affected customers, as required by law.
It is worth noting that this is not the first major data breach to occur in recent times. Okta, an identity management firm, also fell victim to a significant breach, underscoring the importance of robust cybersecurity measures.
Privacy Concerns Raised
Privacy advocates have long warned against sharing such personal information with companies, highlighting the risk of data theft. Ramesh Srinivasan, a professor at the University of California, Los Angeles, questioned the wisdom of entrusting such intimate data to organizations primarily driven by investor and board interests.
As the fallout from this breach continues, 23andMe is diligently working to notify all affected customers. However, the exact timeline for completion remains uncertain.
CLICK HERE TO GET THE DAILYWIRE+ APP
As the debate over data privacy intensifies, this breach serves as a stark reminder of the potential risks associated with sharing personal information with companies.
Sources:
What steps has 23andMe taken in response to the data breach, and what does this indicate about the company’s commitment to security and accountability
Company, reported earlier this year that data breaches have increased by 450% since 2013, affecting various industries including healthcare, education, and finance. This incident serves as a reminder that no organization is immune from cyber attacks, and it highlights the importance of robust cybersecurity measures to protect sensitive personal information.
The breach at 23andMe is especially concerning given the nature of the data compromised. Genetic information is highly personal and can reveal sensitive information about individuals and their families. The fact that hackers were able to access not only DNA profiles but also family tree information and ancestry reports raises significant privacy concerns.
23andMe’s response to the breach has been swift and comprehensive. Requiring all customers to reset their passwords and implementing two-step verification for both new and existing customers are important steps in strengthening security measures. Additionally, the company’s commitment to notifying all affected customers demonstrates its commitment to transparency and accountability.
However, it is essential for 23andMe and other companies in the genetic testing industry to go beyond immediate remedial actions and implement measures to prevent future breaches. This incident serves as a wake-up call for the industry to review and enhance their cybersecurity protocols.
It is also crucial for individuals to be vigilant and take steps to protect their personal information. This includes regularly updating passwords, being cautious about sharing sensitive information online, and regularly monitoring for any signs of identity theft or fraudulent activity. Awareness and education are key in safeguarding personal data in an increasingly digital world.
This breach also underscores the need for robust data protection laws and regulations. Governments around the world must work together to establish comprehensive frameworks that hold organizations accountable for the protection of personal information. Additionally, organizations must invest in adequate resources and expertise to ensure compliance with these regulations and to effectively respond to potential breaches.
The 23andMe data breach serves as a stark reminder of the vulnerabilities that exist in our digital landscape. It highlights the urgent need for improved cybersecurity measures, both at the organizational and individual levels. Only through proactive efforts to enhance security and privacy can we mitigate the risks of such breaches and safeguard personal information in the age of technology.
" Conservative News Daily does not always share or support the views and opinions expressed here; they are just those of the writer."