This post will be updated as new information arises.
It is highly recommended that you delete your data, as nearly 7 million records have been list for sale on hacker and data breach forums.
A credential stuffing attack occurs when hackers use stolen login credentials from one site to gain access to another site.
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.
Bill Toulas
Archive Link: https://archive.is/8fPuG
23andMe admits hackers accessed 6.9 million users’ DNA Relatives data
Affected users are being notified by the company.
Emma Roth
Archive Link: https://archive.is/y6zVW
23andMe says private user data is up for sale after being scraped
Records reportedly belong to millions of users who opted in to a relative-search feature.
Dan Goodin
Archive Link: https://archive.is/9vQ0O
Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed
Majority of impacted users are now being notified.
Ashley Belanger
Archive Link: https://archive.is/0uLy3
Addressing Data Security Concerns - Action Plan
Protect your 23andMe data from unauthorized access. Learn what happened, how your data is protected and the steps we’re taking to prevent future incidents.
23andMe
Archive Link: https://archive.is/UoJFt
