Shub & Johns opens investigation into claims that 23andMe, the popular DNA testing service, launched its own investigation into the theft of user data from its servers. After a member of a dark web cybercrime forum indicated that they were selling valuable data stolen from the 23andMe company network, many clients became wary of the claim’s validity, and who may actually have their private information.

Though the data security breach was discovered in early October, the Company has not notified impacted individuals. 23andMe have confirmed that data exposed by the breach is legitimate. 23andMe have not publicly indicated the scope of the data breach, but the data sample posted on the dark web forum indicates at least 20 million pieces of data have been impacted. Consumer information exposed in the breach may vary but can include names, usernames, profile photos, gender, birthdays, geographical location, and genetic ancestry results.

The cybercriminals responsible for the breach may have already obtained and sold the compromised consumer information. In previous data breaches, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, medical and/or government services ordered in their name, or their information being posted on the dark web.

Affected by the 23andMe Data leak?

Have you recently received a data breach notification from 23andMe, or believe you may be impacted? If so, we would like to hear from you. Please complete the contact form on this page or contact us at 610-477-8380 or info@shublawyers.com.