On Friday, the genetic testing company 23andMe confirmed that data from a subset of users, targeting those with Ashkenazi Jewish ancestry, has been compromised and listed for sale online.
Wired reports that the company suggests its systems were not breached but that the attackers were able to gather data by guessing the login credentials of a group of users and then using the feature DNA Relatives to scrape additional information to compile the list.
It is reported that the list of 999,999 people who have Ashkenazi Jewish ancestry has been shared on the internet, including the Dark Web.
The database includes first and last names, sex, and 23andMe’s evaluation of where their ancestors came from.
Although most of the people targeted are not famous, the database is titled “ashkenazi DNA Data of Celebrities” and appears to have been sorted to only include people with Ashkenazi heritage.
NBC News was able to verify the data of two 23andMe users in the breach as authentic.
“Crazy, this could be used by Nazis,” one person who appears in the database said.
The company is still investigating the incident, but is treating the leak as authentic. In an emailed statement, a 23andMe spokesperson said the company believes it wasn’t hacked per se.
Instead, it believes that the hackers simply gained some users’ passwords that had been hacked and leaked from other sites, then exploited the fact that 23andMe can give users vast access to each others’ genetic information.
© Copyright RawNews1st