23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews::At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it’s working to verify the data.

  • /home/pineapplelover@lemm.ee
    link
    fedilink
    English
    arrow-up
    36
    ·
    1 year ago

    Yeah I knew submitting dna samples to companies wasn’t a good idea because they give data to police departments but it didn’t occur to me to use it to target minorities.

    • huginn@feddit.it
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      The accounts compromised were ones that had reused their passwords and the only way to get genomic data from an account is for a link to be sent to your email account.

  • Asymptote@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    26
    ·
    1 year ago

    “We believe that the threat actor may have then, in violation of our terms of service, accessed 23andme.com accounts without authorization and obtained information from those accounts.”

    Good to know that these cybercriminals not only skirted the law but also the TERMS OF SERVICE. Must be hardened types to go and break ToS.

  • Ozymati@lemmy.nz
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    Credential stuffing attack. Who wants to wager that the compromised accounts had a LastPass and have never changed their password?

    • Akasazh@feddit.nl
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      The full picture of why the data was stolen, how much more the attackers have, and whether it is actually focused entirely on Ashkenazim is still unclear.

      From the article, the title is obviously overstated for effect