23andMe: Negligent security practices facilitating credential stuffing attacks targeting Ashkenazi Jewish and Chinese genetic data

February 25, 2026 •

Credential Stuffing Mechanics: Exploiting Recycled Login Credentials The mechanics of the October 2023 cyberattack on 23andMe represent a catastrophic failure of basic digital hygiene, not…