Millions more 23andMe records leaked online

News
By
published

Two weeks after the first leak, the same hacker posts another 23andMe database

Zero-day attack
(Image credit: Shutterstock) (Image credit: Shutterstock.com)

Another database belonging to genetic testing website 23andMe has allegedly been published on a dark net forum, just days after an initial leak was revealed.

An individual going by the alias Golem published a database on BreachForums containing sensitive information on four million users.

Subsequent TechCrunch investigations confirmed that at least some of the data published matched known and public information. Roughly two weeks ago, Golem announced stealing sensitive user data from 23andMe, claiming to have done so by means of credential stuffing. 

August leak?

In credential stuffing, a hacker would take a list of previously stolen usernames and passwords, and with the help of automation, “stuff” the service with login attempts until one of them sticks. Further details were unavailable at the time.

The database Golem posted most recently contains records on four million users, reports said. The hacker said the data includes information on British individuals, including some of the “wealthiest people living in the U.S. and Western Europe.” A company spokesperson told TechCrunch that the company is aware of the news and is currently “reviewing the data to determine if it is legitimate.”

TechCrunch also speculates that this is possibly a follow-up to a leak that happened in early August this year. Back then, a user on a forum called Hydra posted a 23andMe user database, and claimed to have 300 terabytes of user data. The publication says that this sample matches, at least to some extent, to the data posted two weeks ago.

To try and minimize the damage, 23andMe asked users to update their passwords and turn on multi-factor authentication (MFA), before saying the leak happened because of its users’ poor password hygiene.

23andMe is a company that offers genetic testing services to consumers. A person would provide a saliva sample to the firm and would get information on their ancestry, as well as genetic predispositions to different diseases, conditions, and similar.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
healthcare
Over a million clinical records exposed in data breach
Dating App
Data breach at Senior Dating website spills info of 765,000 users
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
Data leak
Top healthcare company exposes data on millions of patients - find out if you're affected
Security
American National Insurance Company breach data found online
Data leak
Millions of supposedly private links leaked online by safe link provider
Latest in Security
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
Illustration of a hooked email hovering over a mobile phone
AWS misconfigurations reportedly used to launch phishing attacks
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Microsoft Teams and other Windows tools hijacked to hack corporate networks
Latest in News
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Google Pixel 9 Pro
Here are the 7 best Pixel 9 and Pixel Watch 3 features landing in March’s Pixel Feature Drop
Bang & Olufsen Beogram 4000C Saint Laurent Rive Droite Edition
Bang & Olufsen's latest reworked turntable is a masterpiece of retro revival, in a breathtaking wooden presentation box
Apple Watch Series 10
Apple unveils new Apple Watch bands – here's what's in the Spring 2025 collection
More about security
A graphic showing fleet tracking locations over a city.

Lost & Found tracking site hit by major data breach - over 800,000 could be affected
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.

Microsoft Teams and other Windows tools hijacked to hack corporate networks
An AI-generated image of the colosseum with slides coming out of it.

AI slop is taking over the internet and I've had enough of it
See more latest
Most Popular
A collage of Daredevil in Daredevil: Born Again and Tom Holland's Peter Parker in Spider-Man: Far From Home
Daredevil: Born Again episode 2 just gave me hope that the titular hero will join forces with Spider-Man in the MCU, but it won't happen on Disney+
Circular Ring 2
The Circular Ring 2 solves a crucial smart ring problem, and it's available to pre-order now
HTC Viverse
The company formerly known as HTC is doubling down on immersive worlds, AI, spatial computing and ... 6G?
A business woman looking at AI on a transparent screen
Businesses are facing an "AI Divide" - which could be the difference between success and failure
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Apple Vision Pro with Dassault Systèmes 3DEXPERIENCE platform
Dassault Systèmes teams up with Apple to use Vision Pro headsets to bring spatial CAD to life
Samsung 18.1-inch foldable OLED monitor
Samsung has launched a flexible portable monitor complete with a briefcase, one that seems to come straight from a James Bond movie
GenMachine Zhi mini pc
This is the smallest AMD PC I've ever seen: mysterious manufacturer uses Ryzen 3 APU with surprising results
Beelink ME Mini
One of our favorite mini PC vendors has launched a NAS that looks a bit like Apple's PowerMac G4 Cube PC - but way smaller
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes