23andMe says hackers stole the ancestry data of 6.9M of its 14M customers, via a breach first disclosed in October 2023, by leveraging access to ~14K accounts
https://arstechnica.com/...

John / @obeto@mas.to : That's the problem with biometric PIIs: they cannot be changed if a breach occurs. — If some of the victims work in sensitive departments of our security organs where entry is validated against their DNA, wouldn't that person be out of a job? — Shouldn't the person? https://gizmodo.com/...

Jason Lefkowitz / @jalefkowit@octodon.social : There are a shocking number of people working in PR who do not understand what the phrase “on background” actually means — https://techcrunch.com/...

Andrew Abernathy / @andrewabernathy@mastodon.social : “23andMe declared part of its email as “on background,” which requires that both parties agree to the terms in advance. TechCrunch is printing the reply as we were given no opportunity to reject the terms.” — https://techcrunch.com/...

Brandon Haber / @malderi@techhub.social : Be sure to change your parents and grandparents at least every six months, and use a strong mix of different genetics. https://techcrunch.com/...

Lorenzo Franceschi-Bicchierai / @lorenzofb@infosec … : NEW: Whoopsies. — After 23andMe initially said its data breach hit 0.1% of customers (~14k). The company now reveals that — actually — there were 6.9 million victims, roughly 50% of all its customers. — The number is so high because by hacking those ~14k accounts hackers were then able to get data from relatives, who opted-into automatically sharing their data to others. …

Bluesky:

Mary Branscombe / @marypcbuk.bsky.social : every time I see a headline, the number of users who had data stolen goes up like it's replicating in a test tube

@waxmonkey.bsky.social : even if companies actually tried to protect your data, its existence in their servers is a fundamental risk you don't need

X:

Merry Katemas / @katebevan : and this, my children, is why I don't do consumer DNA tests. Once your genetic data is out there, it's out there. You can't pull it back. And remember, if you do a DNA test, you're also uploading at least some of your family members' DNA too. https://techcrunch.com/...

Eric Geller / @ericgeller : Second company in two weeks to revise a data breach impact estimate wayyyy upward, after Okta.

Emin Gün Sirer / @el33th4xor : It's all fun and games until some kid gets a hold of DNA data, decides he's sick of throwing rocks at tanks and builds a crispr-based pathogen that kills an entire race. We need to have much better safeguards around DNA data. https://techcrunch.com/...

Nikhil Krishnan / @nikillinit : well I guess inadvertently the 23andMe hack now gives a ballpark amount for how much a genetic database is worth?

Troy Hunt / @troyhunt : Compromised accounts via credential stuffing can be just the initial point of entry. When you have a business model like @23andMe's where *by design* it connects people together, 14k quickly becomes 7M https://www.scmagazine.com/...

Sean Lyngaas / @snlyngaas : Another example of the PR playbook of staking out the early ground of “less than ____% of our customers are affected by this breach” not aging well: https://x.com/...

Lorenzo Franceschi-Bicchierai / @lorenzofb : NEW: 23andMe initially said its data breach hit 0.1% of customers (~14k). 23andMe now reveals that — actually — there were 6.9 million victims. Number is so high because by hacking those ~14k accounts hackers then were able to get data from relatives. https://techcrunch.com/...

Forums:

Hacker News : 23andMe confirms hackers stole ancestry data on 6.9M users

r/cybersecurity : 23andMe confirms hackers stole ancestry data on 6.9 million users | TechCrunch

r/BillBurr : Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed

r/Morocco : I know you guys like ancestry tests, take care

r/worldnews : Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed

r/technology : 23andMe confirms hackers stole ancestry data on 6.9 million users

Ars OpenForum : Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed