People are used to getting surprises when they sign up for 23andMe, but “some hackers got their hands on your DNA” usually isn’t among them.
What happened: 23andMe, one of the world’s most popular DNA testing companies, confirmed that an October data breach resulted in hackers successfully swiping data from 6.9 million users—just a touch more than the 14,000 users that were initially estimated.
-
The interconnected nature of 23andMe’s service means that compromising just 0.1% of all accounts means that hackers could access data from over half of its users.
- Some of the stolen data targeted individuals with Ashkenazi Jewish and Chinese heritage and included names, birth years, locations, and DNA matches for relatives.
Why it matters: Cyberattacks have been on the rise—BlackBerry detected 26 per minute last quarter alone—putting massive amounts of personal data at risk. At the same time, AI has made hacking easier by helping crack accounts and write convincing phishing emails.
- More personal accounts for online services, plus more connected devices—from smart home appliances to business tech—also create more potential access points.
Big picture: The reputational toll of cyberattacks can be extra rough for companies working with sensitive health or financial data. The monetary costs of ransoms can be millions.—JK