- 23andMe Data Breach After Bankruptcy
What You Need to Know
The genetic testing company 23andMe suffered a major data breach, compromising 6.9 million users’ genetic and ancestry data, along with personal information like email addresses. This stolen data has already been put up for sale on the Dark Web, where cybercriminals buy and sell sensitive information.
While the full extent of the breach’s consequences is unknown, hackers can use stolen emails and genetic data for spear phishing attacks, sending realistic scam emails to trick victims into revealing further personal information. These attacks can lead to identity theft, financial fraud, or malware infections, including ransomware that locks victims out of their own systems until they pay a fee.
Adding to concerns, 23andMe has filed for bankruptcy and is looking for a buyer, leaving the future security of users’ genetic information uncertain. Unlike traditional medical records, genetic data is not protected under HIPAA privacy laws, meaning there are fewer safeguards in place to prevent misuse by third parties.
What You Should Do
To reduce the risk associated with the 23andMe data breach, users should take immediate action to secure their information:
- Delete Your 23andMe Account and Data – Since the company’s future is uncertain, the best course of action is to permanently delete your genetic data. Follow these steps:
- Log into your 23andMe account.
- Go to “Settings” in your profile.
- Scroll to the “23andMe Data” section at the bottom of the page.
- Click “View” next to “23andMe Data.”
- Download your data if you want a personal copy before deleting.
- Scroll to the “Delete Data” section and click “Permanently Delete Data.”
- Confirm your request by following the email link sent by 23andMe.
- Stay Alert for Phishing Scams – If your email was exposed in the breach, be extra cautious of unexpected emails, especially those claiming to be from 23andMe or financial institutions. Do not click links or provide personal information unless you independently verify the source.
- Monitor Financial and Online Accounts – Watch for suspicious activity on your bank accounts, emails, and social media. Consider setting up fraud alerts or identity theft monitoring services for added protection.
- Be Cautious with Future Genetic Testing Services – If you plan to use a genetic testing service in the future, research its data security policies carefully and verify whether it complies with strict privacy protections.
Think you are being scammed? Call our scam hotline or email us for help:
(801)-724-6211
scamwatch@invisus.com