23andMe consumer information is being supplied on the market on-line after the information was apparently stolen from compromised accounts.
In response to BleepingComputer, the DNA testing firm confirmed that buyer information was stolen in a credential-stuffing assault, utilizing credentials that have been uncovered in different breaches.
“We have been made conscious that sure 23andMe buyer profile info was compiled by entry to particular person 23andMe.com accounts,” 23andMe’s spokesperson informed BleepingComputer.
“We would not have any indication at the moment that there was a knowledge safety incident inside our techniques.”
“Somewhat, the preliminary outcomes of this investigation counsel that the login credentials utilized in these entry makes an attempt could have been gathered by a risk actor from information leaked throughout incidents involving different on-line platforms the place customers have recycled login credentials.”
The stolen information contains “full names, usernames, profile pictures, intercourse, date of start, genetic ancestry outcomes, and geographical location.”