News Heading - 1

23andMe Security Breach Results in Theft of Raw Genotype Data, Health Reports

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Popular US-based genetic testing service provider, 23andMe notified customers that hackers may have stolen their sensitive information, including certain genotype data and health reports.

The security breach was first noticed after some of the stolen data was published on the popular hacking site, BreachForums and the unofficial 23andMe subreddit site, in October last year .

Following which an internal investigation was launched, which revealed that between April to September 2023, hackers had used credential stuffing attacks to access registered users’ data.

In a notification letter sent to the Office of California’s Attorney General , 23andMe stated, ‘’threat actor accessed those accounts where the usernames and passwords that were used on 23andMe.com were the same as those used on other websites that were previously compromised or otherwise available.’’

Its investigation revealed that attackers were able to access raw genotype data and certain health reports like, health-predisposition reports, wellness reports, and carrier status reports. In addition to these, it’s suspected that hackers may have also accessed a user’s self-reported health condition information and other personal information.

Furthermore, customers availing its DNA Relatives feature may have had their DNA Relatives and Family Tree profile information stolen. The attack also allowed the threat actors to gain access to the following information (if shared via the DNA Relatives feature):

  • Ancestry reports and matching DNA segments (specifically where on your chromosomes you and your relative had matching DNA)
  • Self-reported location (city/zip code)
  • Ancestor birth locations and family names, a weblink to user created family tree, profile picture and birth year
  • Other information included in the profile’s “Introduce yourself” section

After the discovery, 23andMe customers were required to reset their passwords using multi-factor authentication. Both new and existing users were also required to use two-step verification, while accessing their user account.

This incident also led multiple victims to file a class action lawsuit against 23andMe.

News Heading - 2

loanDepot Data Breach Compromises Sensitive Information of 16.6 Million Customers

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

One of America’s leading non-bank mortgage providers, loanDepot, said that the recent security incident exposed the personal information of nearly 16.6 million customers.

Described as a ransomware attack, the January 8th cyber incident not only forced the company to shut down some of its IT systems, but it also adversely impacted its normal business operations.

‘The Company has made significant progress in restoring our loan origination and loan servicing systems, including our MyloanDepot and Servicing customer portals,’’ it said.

In a filing with the US Securities and Exchange Commission (SEC), loanDepot disclosed further details about the attack. It said that unauthorized hackers had gained access to some of its systems and encrypted data, including stealing personal information of millions of customers.

‘’Though our investigation is ongoing, at this time, the Company has determined that the unauthorized third-party activity included access to certain Company systems and the encryption of data.’’

‘’Upon detecting unauthorized activity, the Company promptly took steps to contain and respond to the incident, including launching an investigation with assistance from leading cybersecurity experts, and began the process of notifying applicable regulators and law enforcement.,’’ loanDepot said.

Although it did not share details about the type of customer data accessed, loanDepot assured authorities that it would notify the impacted individuals and also provide free credit monitoring and identity protection services.

The company also established a new microsite at loandepot.cyberincidentupdate.com to inform various stakeholders about additional operational updates.

Additionally, loadDepot said that it would continue with its investigation to determine the material impact of the incident.

With the increasing attacks on financial institutions, the risks of having their personal information stolen and misused has increased for customers. Moreover, having personally identifiable information (PII) of individuals, allows hackers to commit various kinds of crimes, including phishing attacks, identity and financial thefts.