this post was submitted on 08 Oct 2023
297 points (97.1% liked)

Technology

59143 readers
2264 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

User data stolen from genetic testing giant 23andMe is now for sale on the dark web::User data from 23andMe accounts has been leaked and put up for sale on a dark web forum after what appeared to be a "credential stuffing" cyberattack.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago

This is the best summary I could come up with:


Hackers claiming to have access to the names, photos, birth details, and ethnicities of potentially millions of 23andMe customers are peddling the information on the dark web for thousands of dollars.

"The preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials," a spokesperson for the company told Insider.

In other words, the hackers plugged in leaked username-password combinations into 23andMe accounts in a technique known as "credential stuffing."

One anonymous seller advertised the data on BreachForums earlier this week as containing "DNA profiles of millions, ranging from the world's top business magnates to dynasties often whispered about in conspiracy theories," and noted that each set of data also came with "corresponding email addresses," based on a repost of the ad on X.

Based on the results of its preliminary investigation, the company believes the hackers gained access to a much smaller number of user accounts, but managed to scrape the data of several other 23andMe users through a feature called DNA Relatives.

There may also be "hundreds of thousands of users of Chinese descent" impacted by the leak," Wired reported.


The original article contains 570 words, the summary contains 209 words. Saved 63%. I'm a bot and I'm open source!