23andMe Faces Data Breach: Intruders Access Genetic Profiles of Shared Ancestry Data

Biogenetics firm 23andMe recently spilled the beans on a data breach it faced in early October 2023, laying out the details in a fresh filing with the U.S. Securities and Exchange Commission (SEC).

According to the disclosure, the intruders managed to get their hands on data from 0.1% of 23andMe’s customer base. Now, if we take the company’s claim of having “more than 14 million customers worldwide” from a recent earnings report, that’s roughly 14,000 individuals affected.

However, it’s not as straightforward as it seems. See, 23andMe is all about genetics testing and ancestry exploration. Some users opt to share this genetic goldmine with other accounts through the nifty “DNA Relatives” feature. Here’s the kicker – the attackers got their mitts on “a significant number of files” loaded with profile details about the ancestry of users who willingly shared this info. So, it’s not just about the direct data breach; it ripples out to potentially impacting the shared ancestry profiles of other users.