Data Security Assurance: 23andMe Refutes Data Breach, Disables DNA Relatives Feature for Enhanced Protection

Data Security Assurance: 23andMe Refutes Data Breach, Disables DNA Relatives Feature for Enhanced Protection

"Data Security Measures: 23andMe Temporarily Halts DNA Relatives Feature Amidst Data Breach Concerns

In response to recent reports of a potential data breach earlier this month, genetic testing company 23andMe has taken proactive measures by temporarily disabling certain features of DNA Relatives. This optional sub-service allows users to share their ancestry information globally. The company became aware that an external entity had unlawfully obtained information voluntarily disclosed by users while utilizing the DNA Relatives feature, as stated on 23andMe's official website.

According to the company's statement, the stolen information, acquired without user consent, was likely accessed through the recycling of login credentials. In instances where users used the same usernames and passwords on 23andMe.com as on other websites that had been previously compromised, threat actors exploited this vulnerability. This cyberattack technique, known as credential stuffing, underscores the importance of employing unique passwords for different online platforms.

While 23andMe is actively investigating the incident, their preliminary findings indicate that it does not qualify as a breach, a data security incident, nor was 23andMe the source of the compromised account credentials. The company has engaged third-party forensic experts and federal law enforcement to assist in the ongoing investigation.

It's crucial to note that not every 23andMe customer was impacted by the breach, though the exact number of affected registered users remains unclear. In a bid to keep affected customers informed, the company has reached out to some with additional details about the compromised information. The comprehensive scope of the breach and the total number of customers contacted are still unknown as the investigation unfolds."

"In a proactive response to the ongoing investigation into a potential data breach, 23andMe is actively engaging with its customers, providing updates on the situation, and urging additional measures to enhance account security. As a precautionary measure, the company is mandating that all customers reset their passwords and strongly encouraging the adoption of multi-factor authentication (MFA) for added security layers.

Emphasizing their commitment to customer transparency, 23andMe asserts, 'If we learn that a customer’s data has been accessed without their authorization, we will notify them directly with more information.' While DNA Relatives is an optional service, certain information required for its use may pose privacy concerns. To ensure complete privacy, the company recommends opting out of the feature entirely.

Customers are reminded that several fields within DNA Relatives are optional, including ancestry reports, DNA matching segments, location information, ancestor birth locations, family names, profile pictures, birth years, family trees, and details in introductions. On the other hand, mandatory fields encompass display names, login activity, relationship labels, predicted relationships, and the percentage of DNA shared with matches.

In an abundance of caution, 23andMe urges customers to fortify their accounts for enhanced security. For further inquiries and assistance, customers are encouraged to contact Customer Care at This email address is being protected from spambots. You need JavaScript enabled to view it.. As we navigate the evolving landscape of digital security, 23andMe remains committed to prioritizing customer well-being and data protection. Discover more about emerging technologies and security measures, including the innovative Google passkey, heralding a new era in password management."

"In conclusion, 23andMe's proactive response to the potential data breach underscores its commitment to customer transparency and data security. The mandated password reset and encouragement of multi-factor authentication reflect the company's dedication to fortifying account protection. With ongoing investigations and customer outreach, 23andMe seeks to keep users informed and secure. As digital landscapes evolve, prioritizing privacy and employing robust security measures remain paramount. For any further inquiries or assistance, customers are urged to reach out to 23andMe's Customer Care. In this era of advancing technologies, the company stands at the forefront of ensuring user safety and data integrity."

News

Money, Tech