NEW: The same hacker who leaked stolen 23andMe user data two weeks ago has now posted another 4 million records.

We downloaded the data and found that dozens of records match known and public 23andMe user and genetic information.

Meanwhile, no comment from 23andMe.

https://techcrunch.com/2023/10/18/hacker-leaks-millions-more-23andme-user-records-on-cybercrime-forum/

TechCrunch is part of the Yahoo family of brands

@lorenzofb That no comment part from 23andMe is nuts. How do you not get ahead of a story like this now that it is getting worse? Truly stunning behaviour.
@bobstarr
Cause it's not a hack... It's just password sniffing... It's very common
@lorenzofb
@thibaultmol @lorenzofb Oh I see, so while the act itself did expose data it wasn't necessarily done in a traditional way. Thanks for that context. I'm still a little taken back that 23andMe hasn't said much about it given that customer data is out there.

@bobstarr
Well, they have:
https://blog.23andme.com/articles/addressing-data-security-concerns

And people affected were emailed.

But yeah, it's not a hack, so there isn't much on their end to say. This happens on a bunch of services daily, as we speak probably. Nothing new
@lorenzofb

Addressing Data Security Concerns

Protect your 23andMe data from unauthorized access--learn about security threats and how to prevent them now.

23andMe Blog