Biotech - Cyber Security Review

23andMe is looking to sell customers’ genetic data, here’s how to delete it

Posted onMarch 25, 2025March 25, 2025

Many 23andMe customers signed up to the genetic testing service in hopes of learning fun or interesting information about their past. But consumer advocates are now urging those users to request the deletion of their accounts and data from the Read More …

Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

Posted onAugust 14, 2024August 15, 2024

Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people. New York’s attorney general Letitia James announced the Read More …

UK and Canada governments launch full investigation into 23andMe mega breach

Posted onJune 11, 2024June 11, 2024

Data watchdogs in the UK and Canada are now jointly investigating the data breach that hit 23andMe in October 2023. The incident saw a threat actor post 13 million pieces of 23andMe data for sale on the dark web, including Read More …

23andMe blames “negligent” breach victims, says it’s their own fault

Posted onJanuary 4, 2024January 5, 2024

In a surprising move, in a letter to legal representatives of victims of the recent 23andMe data breach, the company has laid the blame at the feet of victims themselves. 23andMe even goes as far as to claim that this Read More …

Estonia: At least one case of extortion reported following Asper Biogene data leak

Posted onDecember 25, 2023January 1, 2024

Investigations into the Asper Biogene data leak that came to light last week are ongoing, and there is already at least one known case of an attempt to extort money from an individual in connection with the data leak. When Read More …

Hacker leaks millions more 23andMe user records on cybercrime forum

Posted onOctober 18, 2023October 20, 2023

The same hacker who leaked a trove of user data stolen from the genetic testing company 23andMe two weeks ago has now leaked millions of new user records. On Tuesday, a hacker who goes by Golem published a new dataset Read More …

Grayling: Previously unseen threat actor targets multiple organizations in Taiwan

Posted onOctober 10, 2023

A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in Taiwan. A government agency located in the Pacific Islands, as Read More …

23andMe user data breached in credential-stuffing attack

Posted onOctober 7, 2023October 7, 2023

Biotech company 23andMe, known for its DNA testing kits, said the leak occurred through a credential-stuffing attack. A credential-stuffing attack involves user information that has already been compromised (usernames and passwords, for example) from one organization, which a hacker obtains Read More …