DNA analyzing firm 23andMe confirmed a massive data breach that exposed the information of millions of its users. The California-based biotech company announced this alarming issue on Monday, Dec. 4.

However, 23andMe officials clarified that its system wasn't directly hacked by cybercriminals. Instead, the DNA analyzing firm said that hackers logged into tens of thousands of individual accounts.

DNA Analyzing Firm 23andMe Suffers From Massive Data Breach—Exposing Information of Over 6 Million Users!
(Photo: Sean Gallup/Getty Images) A scientist holds a petri dish containing sprouting barley embryos that have received spliced genetic material derived through the CRISPR-Cas9 editing process at the Leibnitz Institute of Plant Genetics and Crop Plant Research (IPK) on April 22, 2021, in Gatersleben, Germany.

The American biotech company said that this is only 0.1% of its clients. But, knowing that it was a DNA analyzing firm that was attacked by hackers is more than enough to concern Americans.

DNA Analyzing Firm 23andMe Suffers From Massive Data Breach

According to CBS News' latest report, 23andMe said that it launched an investigation in October after a speculated data breach. It all started when a threat actor claimed that acquired the biotech company's user profile information.

This means that most of the affected individuals are those who used the website and services of 23andMe. At first, the DNA analyzing firm said that it acknowledged a filing with the Securities and Exchange Commission.

This filing claims that the hacker accessed 0.1% of its user accounts. However, 23andMe clarified cybercriminals behind the attack might have been able to access the sensitive details of 6.9 million users.

BBC News reported that the hackers who conducted the latest 23andMe data breach relied on users' old passwords, as well as reused usernames.

For those who are not familiar with this California-based biotech firm, it focuses on analyzing DNA from people's saliva samples. After that, the company will produce reports showing clients' genetic health risks, ancestry, and other similar information.

This means that the details that 23andMe has are quite sensitive. But, should Americans really worry about the data breach?

Read Also: Top Google Expert Claims Chinese Cyberattacks Against Taiwan Alarmingly Increase-With Targets Broadening

What 23andMe Data Was Accessed?

DNA Analyzing Firm 23andMe Suffers From Massive Data Breach—Exposing Information of Over 6 Million Users!
(Photo: Christopher Furlong/Getty Images) Blood samples taken from volunteers are labeled and ready to be stored in the UK Biobank which will hold up to 15 million urine and blood samples, all controlled by robotics on April 17, 2007, in Stockport, England. The new UK Biobank is the largest blood-based research project in the world.

The biotech company confirmed that the hackers were able to access significant numbers of files, which contain profile information about users' ancestry.

It claimed that cybercriminals download sensitive information from other uses linked to the compromised 23andMe accounts. Information stolen by the hackers includes locations, pictures, addresses, birth years, and DNA percentages shared with relatives.

As of writing, the DNA analyzing firm hasn't confirmed if hackers advertised the stolen data to buyers or other cyber attackers. The latest data breach against the company shows the importance of cybersecurity behaviors of businesses.

"Poorly secured accounts, with weak passwords and no two-factor authentication, put all those sharing their sensitive data at risk," explained CybSafe CEO Oz Alashe.

Related Article: Ardent Health Services Breach Affects 30 Hospitals in Six US States-Forcing Patients to Find Other Medical Facilities

@ 2024 HNGN, All rights reserved. Do not reproduce without permission.