Consumer DNA testing company 23andMe is investigating a potential data breach:

Threat actor used credentials exposed in other leaks to access legitimate 23andMe user accounts and scrape data, including “tailored ethnic groupings,” like 1 million lines of data on Ashkenazi people…

Data for sale includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.

https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

#infosec #security #cybersecurity #techlaw #privacy