TrollEye Security

23andMe Data Leak Targets Ashkenazi Jews

In a disturbing development, a large amount of data from the genetic testing service 23andMe has been compromised and circulated on the dark web. What appears to be a meticulous campaign targeting individuals of Ashkenazi Jewish descent has now come to light, with close to a million users’ sensitive data exposed.

The database on the dark web was titled “Ashkenazi DNA Data of Celebrities.” It contains information on around 999,999 individuals who have apparently used 23andMe’s service. While it claims to expose celebrities, the majority are regular users. What binds them together is their Ashkenazi lineage.

Included in the leak are names, gender, and 23andMe’s evaluations of their genetic heritage. This breach has raised alarms, with some wondering what Hitler could have done if he had information like this.

What Actually Happened?

23andMe’s preliminary investigations suggest this isn’t a case of the company’s systems being directly hacked. Rather, the perpetrators may have logged in with users’ passwords leaked from other sites, then exploited a 23andMe feature that gives users broad access to each other’s genetic data. The data seems to be scraped from users who had opted for the platform’s ‘DNA Relatives’ feature, emphasizing the unintended privacy consequences of such choices.

Interestingly, the cyberattack seems to be part of a broader sale campaign. A cybercriminal had offered data in bulk, ranging from $1-$10 per 23andMe account, based on purchase volume. While 23andMe has not identified an internal data security breach, they have acknowledged that the login credentials used in these access attempts likely came from external data leaks.
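
For teams defending a login service, the pattern described above (leaked credentials from other sites replayed against many accounts) leaves a recognizable trace in authentication logs. The following is an added example, not code from 23andMe or TrollEye Security; the log format, thresholds and sample lines are assumptions constructed for illustration. It flags sources that try many distinct accounts in a short window with a low success rate, and returns the accounts that did log in, which are the ones to lock and reset.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format): timestamp, source IP, account, result
SAMPLE_LOG = """\
2023-10-06T09:00:00 203.0.113.7 ann@example.com FAIL
2023-10-06T09:00:04 203.0.113.7 ben@example.com FAIL
2023-10-06T09:00:09 203.0.113.7 cy@example.com FAIL
2023-10-06T09:00:13 203.0.113.7 dana@example.com OK
2023-10-06T09:00:18 203.0.113.7 eli@example.com FAIL
2023-10-06T09:00:22 203.0.113.7 fay@example.com FAIL
2023-10-06T09:03:00 198.51.100.20 gus@example.com FAIL
2023-10-06T09:03:20 198.51.100.20 gus@example.com OK
"""

def parse(log):
    """Yield (timestamp, ip, account, succeeded) for each log line."""
    for line in log.strip().splitlines():
        ts, ip, account, result = line.split()
        yield datetime.fromisoformat(ts), ip, account, result == "OK"

def find_stuffing(log, window=timedelta(minutes=5), min_accounts=5, max_success=0.3):
    """Return {source_ip: accounts that logged in during a flagged burst}.

    A burst is flagged when one source tries at least `min_accounts` distinct
    accounts within `window` and at most `max_success` of them succeed.
    A single user retrying their own password never reaches `min_accounts`.
    """
    by_ip = defaultdict(list)
    for event in parse(log):
        by_ip[event[1]].append(event)

    findings = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until the burst fits in `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            burst = events[start:end + 1]
            accounts = {e[2] for e in burst}
            hits = {e[2] for e in burst if e[3]}
            if len(accounts) >= min_accounts and len(hits) / len(accounts) <= max_success:
                # Successful logins inside a flagged burst are likely takeovers.
                findings.setdefault(ip, set()).update(hits)
    return findings
```

A flagged source with an empty set still matters: the attempts failed, but the source is replaying credentials. Attackers who spread attempts across many addresses will evade per-IP grouping, so the same logic is usually repeated with other keys such as device fingerprint or network range.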

Implications for the Users

The data leak exposes users to potential cyber threats, extortion attempts, and identity theft. Genetic information is especially sensitive; once it’s out, it’s virtually impossible to change or retract.

Protective Measures for the Future

To prevent such breaches in the future, users are advised against password reuse, a common pitfall. Employing strong, unique passwords for each online account is paramount. Additionally, 23andMe offers two-factor authentication, a security measure every user should activate.

The incident underscores the evolving nature of cyber threats, where even our most personal and immutable information, our DNA, isn’t off-limits. As the digital landscape expands, so does the range of potential threats, emphasizing the need for robust cybersecurity measures and practices, such as the ones offered at TrollEye Security, including Penetration Testing as a Service (PTaaS), Dark Web Analysis, DevSecOps, and Managed SIEM (Purple Teaming).