• 23andMe discloses a breach affecting 0.1% of its customers, approximately 14,000 accounts.
  • Hackers used the "credential stuffing" technique, exploiting known passwords to gain unauthorized access.
  • In October, hackers advertised alleged data of millions online, including Jewish Ashkenazi and Chinese users.

23andMe, a genetic testing company, revealed that approximately 14,000 customer accounts were breached by hackers. The company stated in a recent filing with the U.S. 

Securities and Exchange Commission that their investigation concluded that this breach affected only 0.1% of their customer base. With over 14 million customers worldwide, this equates to around 14,000 accounts.

The company did not provide details about the exact number of files or users affected by the hackers' access to the accounts.

In early October, 23andMe revealed that hackers had stolen data from some users. The hackers used a technique called "credential stuffing" to access the victims' accounts using a known password, possibly leaked from another service.

In October, reports of a data breach emerged online after hackers advertised the supposed data of one million Jewish Ashkenazi users and 100,000 Chinese users on a popular hacking forum. The same hacker later announced the alleged records of an additional four million individuals, attempting to sell their data for prices ranging from $1 to $10.


Edited by Shruti Thapa