23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.
I contacted them to find out if my account was hacked and their automated system claimed they have not experienced a breach and then tried to connect me with an actual person.
It’s been a few hours of “waiting for an agent” without progress so I’m giving up for the day. I think 23andme must be very busy with unhappy customers, or is massively understaffed.
I contacted them to find out if my account was hacked and their automated system claimed they have not experienced a breach and then tried to connect me with an actual person.
Verify they’re a person by having them read you the last 4 base pairs of their DNA.
Well they weren’t technically hacked, so that’s probably why they responded the way they did.
They literally used people’s passwords to login.
If you re-use your passwords across multiple sites then that is what would put you at risk for this.
Just change your 23andMe to a unique password and you should be good.
It’s been a few hours of “waiting for an agent” without progress so I’m giving up for the day. I think 23andme must be very busy with unhappy customers, or is massively understaffed.
Both? Both!
Why not?