23andMe acknowledged this week that data from users of its genetic testing and analysis platform has been circulating on dark web forums after what it says was a credential-stuffing attack, according to BleepingComputer. The outlet wrote that a hacker reportedly leaked what they said was “1 million lines of data” for Ashkenazi Jewish people before saying it would sell the data it had stolen for $1 – $10 per account. The data includes users’ names, profile photos, genetic ancestry results, date of birth, and geographical location.
In to a statement provided to BleepingComputer, the company confirmed the data is legitimate, but says attackers hadn’t breached its internal systems. According to the company, "the preliminary results of this...