Hacker claims information up for sale that targets Jewish users of 23andMe

The data is being offered for sale on underground forums, with the first batch including information of individuals with Ashkenazi Jewish ancestry.

Tara Rosenblum and Lee Danuff

Oct 10, 2023, 11:27 AM

Updated 365 days ago

Share:

A hacker claims that highly sensitive information impacting 1 million Jewish users is now up for sale from a genetic testing company.
News 12 senior investigative reporter Tara Rosenblum investigates the data breach and how people can stay safe.
The hacker claims to have stolen millions of pieces of data from 23andMe and has put highly sensitive information up for sale online targeting Jewish users of Eastern European descent.
They have reportedly suggested the data, which includes pictures, birth years, emails, DNA ancestry and even names of other relatives, could be used to single out people based on their ethnicity.
The news is unsettling for many, considering the tri-state is home to the largest concentration of Ashkenazi Jews in the nation.
Steve Weinstein is vice president at Flashpoint, a leading counterterrorism and intelligence firm that monitors online communities across the globe for emerging cyberthreats.
The New Jersey native says users should be prepared for more phishing attacks and take immediate action to mitigate the risk.
"There's a lot of inherent risk once sensitive information winds up being out on the dark web," he says. "You know when these types of data sets do wind up getting leaked, they do fall into the wrong hands."
Weinstein suggests making sure to "immediately change your password and set up two-factor authentication."
Weinstein says he worries the implications could be serious, given the hack comes on the heels of escalating Mideast turmoil, along with a dramatic rise in antisemitic hate at home.
"It's really important in light of recent events for people to take action," says Weinstein.
In a statement, 23andMe said it is treating the potential leak seriously and working with law enforcement. It added that it's likely other groups could be targeted, given the alleged stolen data could cover more than half of its 14 million customers.