23andMe Cyber Attack Timeline
Introduction
The large genetics and biotechnology company 23andMe experienced a significant data breach in 2023. Nearly 7 million people’s genetic information was leaked. We have compiled all the publicly available facts into one place in this 23andMe Cyber Attack Timeline paper and summary graphic, which are simple to read and visually appealing.
Analyzing previous cyberattacks can reveal lessons that we can use to fortify our defenses against comparable attacks in the future. Cyber Management Alliance frequently creates educational cyber-attack timelines with this goal in mind.
How was the genetic data of over 7 million 23andMe customers put at risk? What happened in this case? How did the business react? And what were the main causes of the severe criticism it encountered following this data breach?
As always, the point is not to talk about the victim but to draw conclusions from current ransomware attacks, data leaks, and cyberattacks. Building stronger Cyber Incident Response plans requires an understanding of the historical perspective that cyber attack timelines provide on the strategy and tactics of contemporary threat actors. These Attack Timelines can also serve as a source of inspiration for developing Cyber Attack Tabletop Exercise Scenarios for your company.
About 23andMe Data Breach
The threat actor Golem stated on Breach Forums in August 2023 that he had taken 300 TB of 23andMe data. The business acknowledged in October that there had been a data breach. It was implied that threat actors had launched a credential stuffing attack, using previously exposed credentials, to compromise the data of 23andMe customers. Information stolen in the hack evidently matched publicly available family history records. It was subsequently discovered that the data of a staggering 6.9 million customers had potentially been compromised. Regrettably, the attackers had posted extensive information about Ashkenazi Jews and Chinese people on the dark web, deliberately targeting minority communities. The breach’s ramifications extend well beyond the fact that data was released. The breach has a strongly political undertone because of the type of material that was released.
1. Names, profile photos, birth years, locations.
2. Family surnames, grandparents’ birthplaces, ethnicity estimates.
Lessons Learned from the 23andMe Cyber Attack
Like any other company in this situation, 23andMe acted quickly to limit the harm. Users were urged to use two-factor authentication and change their passwords. The company also notified federal law enforcement, enlisted the assistance of outside cyber incident response professionals, and deactivated certain functions inside the DNA Relatives service. Still, 23andMe is facing numerous lawsuits as a result of the incident. Clients claim that 23andMe breached privacy regulations by not doing enough to protect their most private information. It appears that the business also wrote letters to clients who were considering legal action. It allegedly hinted that many users had “negligently recycled and failed to update their passwords,” and that this, rather than its own security flaws, was to blame for the data loss.
It soon faced harsh criticism. Experts noted that 14,000 clients were among those whose previously exposed credentials were exploited in the credential stuffing attack. In the end, however, information belonging to nearly 6.9 million 23andMe users was compromised. Lawyers and genetic privacy specialists claimed that 23andMe ought to have done a better job of protecting this kind of private and sensitive data. It seems that the corporation took months to discover the irregularities in its network. Clients still hold the company accountable for its inadequate security measures and its inability to determine precisely the scope and gravity of the hack. Many others argue that the company ought to have warned its Chinese and Jewish clientele that they were expressly the target of this attack, so that they could have prepared for any potential consequences.
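Detection logic for the credential stuffing pattern described above, as an added example that is not from the original article or from 23andMe: it flags a source that tries many distinct accounts with a low success rate, and lists the accounts that source actually got into. The event format, thresholds, addresses and account names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, source IP, account, login succeeded).
# 203.0.113.7 tries many accounts once each (stuffing); 198.51.100.20 is a shared
# office NAT with mostly successful logins; 192.0.2.9 hammers a single account.
EVENTS = (
    [(f"2023-10-01T10:00:{i:02d}", "203.0.113.7", f"user{i}@example.com", i in (3, 11))
     for i in range(20)]
    + [(f"2023-10-01T10:01:{i:02d}", "198.51.100.20", f"staff{i}@example.com", i != 4)
       for i in range(12)]
    + [(f"2023-10-01T10:02:{i:02d}", "192.0.2.9", "victim@example.com", False)
       for i in range(15)]
)

def find_stuffing(events, window=timedelta(minutes=5), min_accounts=10,
                  max_success_ratio=0.2):
    """Return {source_ip: sorted accounts that logged in successfully} for sources
    that, inside any one window, try many distinct accounts and mostly fail."""
    by_ip = defaultdict(list)
    for ts, ip, account, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), account, ok))
    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward so rows[start:end+1] spans <= window.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            chunk = rows[start:end + 1]
            accounts = {a for _, a, _ in chunk}
            ratio = sum(1 for _, _, ok in chunk if ok) / len(chunk)
            if len(accounts) >= min_accounts and ratio <= max_success_ratio:
                # Successful logins from a flagged source are the accounts to
                # lock, force-reset and review for data access.
                flagged[ip] = sorted({a for _, a, ok in rows if ok})
                break
    return flagged

if __name__ == "__main__":
    for ip, hit in find_stuffing(EVENTS).items():
        print(ip, "-> accounts needing reset:", hit)
```

The low success ratio is what separates the stuffing source from the office NAT, and the distinct-account count is what separates it from a single-account brute force.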
1. Prioritise data protection: The need for data protection should already be known to every company managing sensitive information. However, fresh data breaches are discovered every other day. Never get comfortable, no matter how secure you think you are. Consult outside experts on cybersecurity, such as our Virtual Cyber Assistants. The assistance of highly skilled cybersecurity professionals is readily and reasonably available, and it can greatly raise your level of cybersecurity maturity. They will help evaluate and assess your present level of breach preparation and fill the gaps found in the most appropriate way.
2. Cyber Incident Planning and Response: No organization is exempt from the possibility of what occurred to 23andMe. But, as experts frequently point out, the reaction could have been more appropriate and, given the circumstances, possibly more sensitive. It’s never a good idea to place even part of the responsibility on the customers.
3. Test your Incident Response Protocols: It is never sufficient merely to have incident response protocols, a plan for handling incidents, or security measures in place. It is imperative that you conduct routine tests to verify the efficacy of your security protocols and policies. Penetration tests, cyberattack tabletop exercises, and cybersecurity audits and assessments must all be carried out on a sufficiently regular basis.
Conclusion
In conclusion, the history of cybersecurity demonstrates how attackers and defenders have been fighting each other in the digital space. It all started in the early days of computers, when dangers were very simple and security measures were basic. Cyberthreats evolved along with technology, giving rise to viruses, worms, and other harmful software.