23andMe

Too Long; Didn't ReadIn October 2023, 23andMe announced a data breach involving the theft of personal, genetic, and ethnic data of millions of users, subsequently sold on the dark web. The hackers employed "credential stuffing," using stolen username/password combinations from other sites, exploiting users' common practice of password reuse. This method exposed even accounts with strong passwords, as 23andMe's "DNA Relatives" feature interconnected user data. The incident highlights the inadequacy of relying solely on…

Welcome, folks, to Week in Review (WiR), TechCrunch’s regular newsletter that recaps the week in tech that was. Hope the holidays were restful for those who observed them. We at TC, for our parts, are gearing up for an eventful next week at CES in Las Vegas — while keeping an eye on the news cycle, as ever. In this edition of WiR, we spotlight Brian’s CES 2024 preview, 23andMe blaming victims for its data breach, GitHub making Copilot Chat generally available and Frontdesk laying off its entire staff. Also on the…

Google Just Disabled Cookies for 30 Million Chrome Users. Here’s How to Tell If You’re One of Them.But me love cookies!Photo: VIAVAL TOURS / Shutterstock.com (Shutterstock)Mr. Tweet Fumbles Super Bowl TweetToday marks the first of many upcoming moments of silence in Google’s years-long plan to kill cookies. As of this morning, the Chrome web browser disabled cookies for 1% of its users, about 30 million people. By the end of the year, cookies will be gone in Chrome forever—sort of.- Thomas Germain Read MoreMeet ‘Link…

Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch. “Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events,” Hassan Zavareei, one of the lawyers representing the victims who received the…

What happens when a company loses a bunch of user data? Typically, they apologize and sheepishly beg for forgiveness. Not so with 23andMe. The popular genomics company, which suffered a pretty terrible data breach last year, has instead opted to tell pissed off customers that they probably should’ve picked a better password if they didn’t want their data boosted. The FTC Just Prescribed a Can of Whoop Ass on Health DataTo clarify, 23andMe is currently being sued—or, more accurately, legally attacked—by a large number of…

Cybersecurity incidents are constantly in the news these days, but you’ll soon be hearing about a lot more of them. That’s because a new rule from the Securities and Exchange Commission went into effect on Monday, requiring all public companies to report data breaches in just four days.Teenage Cybercrime Gang LAPSUS$ Strikes AgainThe new SEC rule requires public companies to submit a government filing within four business days of determining a cybersecurity incident “material.” In 23andMe’s data breach, users found out in…

Photos from a cybercriminal seizure conducted by HAECHI IV’s operation.Photo: INTERPOLInterpol, an international police organization, has arrested nearly 3,500 people allegedly connected to cybercrime in a sweeping operation announced on Tuesday. $300 million worth of assets across 34 countries were reportedly seized. The operation, Haechi IV, blocked over 80,000 suspicious bank accounts and warned government officials of new types of scams using AI and fake NFTs.Teenage Cybercrime Gang LAPSUS$ Strikes Again“The seizure…

A proposed class-action lawsuit against 23andMe could include more people in Canada than originally anticipated, experts say, after the genetic testing company said a data breach affected millions more customers than initially believed.A statement from the company on Tuesday said hackers have gained access to roughly 6.9 million profiles on the site — nearly half its client base. Those profiles contain delicate personal data ranging from birth year, geographic location, health information and the percentage of DNA users…

Personal data is the new gold. The recent 23andMe data breach is a stark reminder of a chilling reality — our most intimate, personal information might not be as secure as we think. It’s a damning indictment of the sheer negligence of companies that, while profiting from our DNA, are failing to protect it. The 23andMe breach saw hackers gaining access to a whopping 6.9 million users’ personal information, including family trees, birth years and geographic locations. It brings to the fore a few significant questions:…

23andMe The 23andMe breach that took place in October has been confirmed as much worse than originally reported, affecting 6.9 million people, as opposed to the 14,000 users first thought. Information stolen in the breach included users’ full names, birth years, relationship labels, and locations. Approximately 1.4 million users also had Family Tree profile information on the service compromised. Hackers could also access genetic information in the breach, including details about common DNA percentages shared with…