23andMe Users’ Info Leaked Again, Millions of Records Found on Dark Web

Millions of 23andMe users had their info leaked once again after being hacked earlier this month, according to a report by TechCrunch Thursday. The hacker, who goes by the name “Golem” on multiple dark web forums, published user information containing records of over four million people on Tuesday.

“We are aware that the threat actor involved in this investigation posted what they claim to be additional customer DNA Relative profile information,” said a 23andMe spokesperson via email.

The company that tells you about your family history is already facing lawsuits from the first data breach this month. The same hacker targeted users of Ashkenazi Jewish and Chinese descent including high-profile celebrities such as Tesla CEO Elon Musk, Google co-founder Sergey Brin and Meta CEO Mark Zuckerberg.

This time around, the hacker claims to have targeted users whose ancestors come from Great Britain, including data from “the wealthiest people living in the U.S. and Western Europe.”

23andMe says this current data breach is under review.

“We are currently reviewing the data to determine if it is legitimate. Our investigation is ongoing and if we learn that a customer’s data has been accessed without their authorization, we will notify them directly with more information,” said 23andMe.

Lawsuits surrounding the previous data breach alleged that 23andMe had inadequate digital safeguards, and have placed customers at an elevated risk of fraud and identity theft.

“We believe threat actors were able to access certain accounts in instances where users recycled login credentials – that is, usernames and passwords that were used on 23andMe.com were the same as those used on other websites that have been previously hacked,” the company told Gizmodo in early October.

A feature called ‘DNA relatives’ was especially relevant in the first attack, which allowed users to see people whose genetic data matched their own. If turned on, the feature allowed hackers to scrape data of a user’s DNA relatives, allowing one hacked account to lead to a network of hacked accounts, all with similar genetic backgrounds.