КућаБезбедносне операције23andMe hack allowed threat actor to access data for millions of customers,...

23andMe hack allowed threat actor to access data for millions of customers, company says

Објављено на

спот_имг

The genetic testing company 23andMe experienced a security breach in October that resulted in the personal data of millions of users being accessed by hackers, the company confirmed on Monday. The company launched an investigation after a “threat actor” claimed online to have obtained the profile information of 23andMe users. At the time, it was believed that the hackers targeted accounts of users who had reused usernames and passwords from other compromised sites.

Following the investigation, 23andMe acknowledged in a filing with the Securities and Exchange Commission that the hacker accessed 0.1% of the company’s user accounts. While the attacker only gained access to approximately 14,000 accounts, they exploited a feature that allowed them to view information about possible relatives, thereby accessing the data of millions of users.

As a result of the breach, approximately 5.5 million customers had their “DNA Relatives” profiles accessed in an unauthorized manner, which included information such as display names, predicted relationships with others, and DNA percentages shared with matches. An additional 1.4 million customers participating in the Relatives feature had their “Family Tree” profile information accessed, which is described as a limited subset of the Relatives profile data.

Despite the security breach in October, 23andMe did not disclose the specific number of customers affected until the recent filing with the SEC. The company is currently in the process of notifying the affected customers and has implemented measures to strengthen security. Existing customers are required to reset their passwords and enable two-step verification, while the company assures that the “threat actor activity is contained.”

The significance of this security breach cannot be understated, considering the sensitive nature of genetic and ancestral information. 23andMe’s platform analyzes users’ DNA from saliva samples to provide reports on their ancestry and genetic health risks. Therefore, the unauthorized access to this data constitutes a serious violation of user privacy and underscores the importance of robust cybersecurity measures to protect personal information.

As 23andMe addresses the aftermath of this breach, the company is also taking steps to rebuild customer trust and prevent future security incidents. The breach serves as a sobering reminder of the ongoing and evolving threat posed by cybercriminals to companies that hold vast amounts of personal data. It underscores the urgency for organizations to prioritize cybersecurity and adopt proactive measures to safeguard user information.

In conclusion, the security breach suffered by 23andMe in October highlights the vulnerability of personal data in the digital age and the imperative of stringent security protocols to protect against malicious cyber activities. As technology continues to advance, so too must our efforts to defend against potential threats and ensure the privacy and security of individuals’ sensitive information.

Извор линк

Најновији чланци

Нападачи злоупотребљавају функцију Гоогле огласа да би циљали Слацк, Нотион кориснике

 Нападачи поново злоупотребљавају Гоогле Адс да циљају људе са малвером који краде информације, овог пута...

Хакери тврде да су се инфилтрирали у компјутерску мрежу израелског нуклеарног постројења

Хакерска група повезана са Ираном објавила је да је успешно пробила компјутерску мрежу...

Хакер наводно користи приступ белог шешира да искористи крипто игру за 1ТП4Т4.6М

У изненађујућем преокрету догађаја, крипто игра са темом хране Супер Сусхи Самураи је пала...

Смањење претњи са тржишта ИАБ-а

Како напади рансомвера настављају да ескалирају по учесталости и озбиљности, један од кључних...

Више овако

Нападачи злоупотребљавају функцију Гоогле огласа да би циљали Слацк, Нотион кориснике

 Нападачи поново злоупотребљавају Гоогле Адс да циљају људе са малвером који краде информације, овог пута...

Хакери тврде да су се инфилтрирали у компјутерску мрежу израелског нуклеарног постројења

Хакерска група повезана са Ираном објавила је да је успешно пробила компјутерску мрежу...

Хакер наводно користи приступ белог шешира да искористи крипто игру за 1ТП4Т4.6М

У изненађујућем преокрету догађаја, крипто игра са темом хране Супер Сусхи Самураи је пала...
sr_RSSerbian