Data watchdogs in the UK and Canada are now jointly investigating the data breach that hit 23andMe in October 2023.
The incident saw a threat actor post 13 million pieces of 23andMe data for sale on the dark web, including people’s origin estimation, phenotype and health information, photos and identification data, raw data, and some other account information.
Read more…
Source: TechRadar
Related:
- New spyware found to be snooping on thousands of Android and iOS users
February 28, 2025
Hundreds of thousands of Android users, as well as several thousand iPhone users, have had their sensitive data compromised by a spouseware app, called Spyzie. The apps were found leaking email addresses, text messages, call logs, photographs, and other sensitive data, belonging to millions of people who, without their knowledge or consent, have had these apps ...
- How hackers ruined a Disney employee’s life after he downloaded AI photo tool
February 27, 2025
A former Disney employee’s world was turned upside down when he downloaded an artificial intelligence-powered photo program, unaware that it was laced with hacking software, during a massive data breach at the entertainment giant. In July, Matthew Van Andel, an engineer at Disney at the time, got a message on the chat forum Discord from an ...
- Background check provider data breach affects 3 million people who may not have heard of the company
February 25, 2025
Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. DISA says a third party had access to its environment between February 9, 2024, and April 22, 2024. The attacker may have accessed over three million files containing personal information. DISA is a third-party administrator of employment ...
- New York amends data breach law
February 24, 2025
On December 24, New York Gov. Kathy Hochul (D) signed into law an amendment to section 899-aa of the N.Y. General Business Law, also known as The Shield Act, modifying the law’s data breach notification requirements. The amendment, which took effect immediately, incorporates provisions that other states have adopted in recent years. First, the amendment shortens ...
- Over a million clinical records exposed in data breach
February 21, 2025
Security researcher Jeremiah Fowler discovered the DM Clinical Research database containing 1,674,218 records, totaling 2TB, including names, medical information, phone numbers, email addresses, medications, and health conditions – along with other data. Although the name of the dataset indicates the details belong to DM Clinical Research, it’s not clear if this was owned and managed by ...
- Finastra Notifies Customers of Data Breach
February 19, 2025
British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago. Between October 31 and November 8, 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged ...