Fact Check: "In 2023, hackers accessed the information of nearly seven million customers of 23andMe, raising privacy concerns."
What We Know
In October 2023, it was reported that hackers accessed the personal information of approximately 6.9 million customers of the genetic testing company 23andMe. This breach involved the unauthorized access of user profiles, which included sensitive data such as names, profile photos, birth years, locations, family surnames, and ethnicity estimates (Wired, TechCrunch). The attack was characterized as a "credential stuffing" incident, where hackers used previously stolen passwords to gain access to user accounts (The Guardian).
The compromised data primarily affected users of Ashkenazi Jewish and Chinese descent, raising significant privacy concerns due to the targeted nature of the hack (NBC News, CNN). Following the breach, 23andMe temporarily disabled certain features within their DNA Relatives tool and began requiring two-factor authentication for all users to enhance security (TechCrunch, Risk Strategies).
Analysis
The claim that nearly seven million customers' information was accessed by hackers in 2023 is substantiated by multiple credible sources. The data breach was confirmed by 23andMe itself, which acknowledged that the hackers had accessed data from approximately 6.9 million users (TechCrunch, CNN). The fact that the breach was reported across various reputable outlets such as Wired, NBC News, and The Guardian adds to the reliability of the information.
Moreover, the nature of the data accessed raises serious privacy concerns, particularly because it included sensitive genetic and personal information. The targeted nature of the attack, focusing on specific ethnic groups, further amplifies these concerns and highlights the potential for misuse of the data (NBC News, Wired).
The sources used in this analysis are credible and well-regarded in the field of journalism and technology reporting. They provide detailed accounts of the breach, the response from 23andMe, and the implications for user privacy. The consistency across these sources reinforces the validity of the claim.
Conclusion
Verdict: True
The claim that hackers accessed the information of nearly seven million customers of 23andMe in 2023 is accurate. The breach was confirmed by the company and reported by multiple reputable news outlets, detailing the extent of the data compromised and the privacy concerns that arose as a result.
