23andMe says it’s been majorly compromised after hackers busted into their system a couple months ago and accessed about half of their user base’s very private data.
The DNA ancestry company — which lets people look into their past and connect with distant relatives — had their digital archives breached in October … but the full details of what exactly was gained and pored over by bad actors is now coming to light, and it’s bad.
A rep for the company confirms about 6.9 million individuals who use 23andMe — about half of their total users at 14 million — were affected in the hack … albeit, in different ways.
5.5 million people who’d opted into their DNA Relatives feature potentially had extremely sensitive info rifled through — ’cause this is the portal where people can upload their name, birth years, relationship labels to others, percentage of DNA shared with relatives, ancestry reports and even self-reported locations … depending on what they’d thrown in there.
The company says a separate 1.4 million users who had also opted into this Relatives feature from 23andMe also had their Family Tree profiles illegally accessed — which has a lot of the same user-shared details as above (sans ancestry info/DNA matching info, per 23andMe)… only here, with possibly way more people attached to any given “tree.”
23andMe is catching flak over this alarming update, ’cause in an SEC filing on Friday … they said only 0.1% of their customers’ accounts had been impacted — but these numbers suggest it was far worse than they publicly indicated.