What is the official website of 23andMe ?

The official website of 23andMe is https://www.23andme.com.

What is 23andMe's cybersecurity risk score?

23andMe has an AI-generated cybersecurity risk score of 100 out of 1000, indicating a Critical security posture according to Rankiteo's assessment.

How many security incidents has 23andMe experienced?

According to Rankiteo, 23andMe currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has 23andMe been affected by any supply chain cyber incidents ?

According to Rankiteo, 23andMe has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: MyHeritage (Incident ID: 23A1780359968) Snowflake (Incident ID: 23A1764346412) 23andMe (Incident ID: 23A4433044101425) 23andMe (Incident ID: 23A328072725)

Does 23andMe have SOC 2 Type 1 certification ?

According to Rankiteo, 23andMe is not certified under SOC 2 Type 1.

Does 23andMe have SOC 2 Type 2 certification ?

According to Rankiteo, 23andMe does not hold a SOC 2 Type 2 certification.

Does 23andMe comply with GDPR ?

According to Rankiteo, 23andMe is not listed as GDPR compliant.

Does 23andMe have PCI DSS certification ?

According to Rankiteo, 23andMe does not currently maintain PCI DSS compliance.

Does 23andMe comply with HIPAA ?

According to Rankiteo, 23andMe is not compliant with HIPAA regulations.

Does 23andMe have ISO 27001 certification ?

According to Rankiteo,23andMe is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does 23andMe operate in ?

23andMe operates primarily in the Non-profit Organizations industry.

How many employees does 23andMe have ?

23andMe employs approximately 559 people worldwide.

Does 23andMe own any subsidiaries ?

23andMe presently has no subsidiaries across any sectors.

How many LinkedIn followers does 23andMe have ?

23andMe's official LinkedIn profile has approximately 81,337 followers.

What is the NAICS classification code for 23andMe ?

23andMe is classified under the NAICS code 8135, which corresponds to Others.

Does 23andMe have a Crunchbase profile ?

Yes, 23andMe has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/23andme.

Does 23andMe have a LinkedIn profile ?

Yes, 23andMe maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/23andme.

How many cybersecurity incidents has 23andMe experienced ?

As of June 28, 2026, Rankiteo reports that 23andMe has experienced 8 cybersecurity incidents.

How many peer or competitor companies does 23andMe have ?

23andMe has an estimated 22,491 peer or competitor companies worldwide.

What types of cybersecurity incidents has 23andMe faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

23andMe

Boost Score +25 with badge (5 left)

100

/1000

Critical

125

/1000

Critical

23andMe Vendor Cyber Rating & Cyber Score

23andme.com

cb in

Add Your Compliance Badge

23andMe Research Institute is a nonprofit medical research organization that enables people everywhere to access their genetic information, learn about themselves and participate in the world's largest crowdsourced research initiative. The Institute aims to be the world's most significant contributor to scientific advancement, uniting people with the common goal of improving health and deepening our understanding of DNA — the code of life.

23andMe A.I CyberSecurity Scoring

Scoring History

23andMe

23andMe CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

23andMe

Breach

100

6/2026

MyHeritage

23A1780359968

23andMe

Breach

11/2025

Snowflake

23A1764346412

23andMe

Breach

9/2025

23A070260709262...

23andMe

Breach

100

3/2025

23A000032525

23andMe

Breach

100

10/2023

23andMe

23A443304410142...

23andMe

Breach

6/2023

23A489434811182...

23andMe

Breach

6/2023

23A1768948228

23andMe

Breach

4/2023

23andMe

23A328072725

Loading…

A.I.

23andMe Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for 23andMe

Incidents vs Non-profit Organizations Industry Avg (This Year)

23andMe has 31.51% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

23andMe has 5.66% fewer incidents than the average of all companies with at least one recorded incident.

Incident Types 23andMe vs Non-profit Organizations Industry Avg (This Year)

23andMe reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.

Incident History - 23andMe (X = Date, Y = Severity)

Loading…

SUBSIDIARY

23andMe Subsidiaries

Parent Company

23andMe

Non-profit Organizations

Website: https://www.23andme.com

Company Size: 201-500 employees

No subsidiary data available for this company.

Loading…

23andMe Similar Companies

British Council

britishcouncil.org

We support peace and prosperity by building connections, understanding and trust between people in the UK and countries worldwide. We uniquely combine the UK’s deep expertise in arts and culture, education and the English language, our global presence and relationships in over 100 countries, our unparalleled access to young people and influencers and our creative sparkle. We work directly with individuals to help them gain the skills, confidence and connections to transform their lives and shape a better world in partnership with the UK. We support them to build networks and explore creative ideas, to learn English, to get a high-quality education and to gain internationally recognised qualifications. For more information, please visit: http://www.britishcouncil.org

International Rescue Committee

rescue.org

The International Rescue Committee responds to the world’s worst humanitarian crises and help people to survive, recover, and gain control of their future. Founded in 1933 at the request of Albert Einstein, the IRC offers lifesaving care and life-changing assistance to refugees and displaced people forced to flee from war or disaster. At work today in over 50+ countries and in 28 U.S. cities, the IRC restores safety, dignity and hope to millions who are uprooted and struggling to endure.

Médecins Sans Frontières (MSF)

msf.org

Médecins Sans Frontières (MSF) is an international, independent, medical humanitarian organisation working to provide medical assistance to people affected by conflict, epidemics, disasters, or exclusion from healthcare. Since our founding in 1971, we’ve grown to a global movement delivering humanitarian assistance in over 70 countries. Thanks to our 7 million individual donors, our work remains impartial and independent. Read more about us on msf.org

TED Conferences

TED.com

TED’s mission is to discover and champion the ideas that will shape tomorrow. Powerful ideas, powerfully presented, can move us to feel something, to think differently, to take action and create a brighter future. TED finds these powerful ideas across disciplines and around the globe, from people who passionately seek a deeper understanding of the world and want to make a difference in it. TED’s spotlight, and its engaged, open-minded audience, help these ideas to create real impact: to shift one person’s perspective, to make a difference within a community or to spark global transformation. Ideas change everything.

Transport for London

tfl.gov.uk

Every day, we help millions of people to make journeys across London: By Tube, bus, tram, car, bike – and more. People don’t associate us with journeys by river, on foot or via the air, but we help with that, too. Getting people to where they need to go has been our business for over 100 years, and it shows. We’re leaders in our field, and no other city’s transport system is quite as recognisable: Red buses, black taxis, Tube trains and roundels have become icons in their own right. Our main job is to keep the city moving, working and growing but to do that, we have to listen. Constant improvements across the network are fuelled by feedback and comments from customers, as well as work within communities, representative groups, businesses and other London transport stakeholders. But our progress also depends on technology and data. With the future at our fingertips, we’ve already used it to revolutionise travel payments (think Oyster and contactless payment cards), and improved travel information. Tech and data is essential, not just to our future, but to others’: third parties use our data to power apps and services vital to customer journeys. So what’s next? As well as continuing to deliver Mayor of London, Sadiq Khan’s strategy and commitments on transport, our programme of capital investments is still one of the largest. We launched the Elizabeth line, we’re modernising services and stations and making travel safer for all.

AIESEC

aiesec.org

AIESEC develops leadership among youth aged 18 to 30 and contributes to strengthening the global employability market by providing an end-to-end international talent recruitment solution for Enterprises, NGOs, and Start-ups. AIESEC is the world's largest youth-run organization developing the leadership potential of young people. Present in 120+ countries and territories across 2600 universities, we provide students and recent graduates with life-changing experiences to intern or volunteer abroad within partner organizations. We partner with organizations ranging from Fortune 500 to local enterprises in developing and sourcing their global talent needs across our network. Through our programs in universities, we provide organizations with access to a global network of young talent who have the capabilities to make a positive impact. For the last seven decades, we have developed over one million leaders ranging from business, civil society, and world leaders, including one Nobel Peace Prize Laureate. Learn more about us at - http://partners.aiesec.org

Colsubsidio

colsubsidio.com

Colsubsidio es una empresa privada sin ánimo de lucro que hace parte del Sistema de Protección y Seguridad Social en Colombia. Entendemos a las personas como seres integrales, con necesidades diversas y en constante transformación. Por eso, trabajamos para construir oportunidades a través de servicios en salud, educación, recreación, empleo, vivienda y subsidios. Creemos en el talento como motor del país y trabajamos para atraer y acompañar a quienes buscan construir una carrera con propósito. Haz parte de una de las empresas más relevantes, estables y en crecimiento del país. 🌐 Conoce más de nuestra labor : Facebook: https://www.facebook.com/ColsubsidioInfo YouTube: https://www.youtube.com/c/ColsubsidioInfo X (Twitter): https://twitter.com/Colsubsidio_Ofi

World Vision

wvi.org

World Vision is the largest child-focused private charity in the world. Our 33,000+ staff members working in nearly 100 countries have united with our incredible supporters to impact the lives of over 200 million vulnerable children by tackling the root causes of poverty. Through World Vision every 60 seconds…a family gets water…a hungry child is fed…a family receives the tools to overcome poverty. Motivated by our faith and guided by our deep experience and expertise, we are a Christian humanitarian, development and advocacy organisation devoted to improving the lives of children, families and their communities around the world and creating lasting impact that will live on in generations to come. We serve all people, regardless of religion, race, ethnicity, or gender.

St. Jude Children's Research Hospital - ALSAC

stjude.org

ALSAC is the largest healthcare-related charity in the United States. Founded in 1957 by Danny Thomas, our sole mission is to raise the funds and awareness needed to operate and maintain St. Jude Children's Research Hospital®. While our headquarters can be found in Memphis, Tennessee, we have additional offices in more than 30 locations across the country and in Puerto Rico with positions in fundraising, marketing, digital, information technology, legal, finance and many other disciplines all supporting our lifesaving mission - Finding cures. Saving children. ® At ALSAC, we believe in hiring the best and brightest from around the globe, and in 2020 we were named #1 on Fast Company's 100 Best Workplaces for Innovators. With a concerted focus on diversity and inclusion, we value and respect the contributions of all of our employees. Our work environment encourages everyone to be their authentic selves as we strive together towards a day when “no child dies in the dawn of life.” As we look to the future, we understand that we must be relentlessly innovative. Our work helps fuel the groundbreaking research and treatment at St. Jude and ensures that families never receive a bill from St. Jude for treatment, travel, housing or food — because all a family should worry about is helping their child live. View our career opportunities at https://www.stjude.org/jobs/alsac.html and follow ALSAC across social media using @stjude. To learn more about the research hospital, follow St. Jude Children's Research Hospital on LinkedIn. For specific career opportunities available through the hospital, visit www.stjude.org/JoinOurMission.

Loading…

NEWS

23andMe CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 04, 2026 08:00 AM

23andMe settlement approved in class-action lawsuit. Here's how to file a claim before deadline

Final approval of 23andMe's settlement was granted on Jan. 30, as the deadline for customers to file a claim approaches.

Read Article

January 05, 2026 08:00 AM

From Genes to Hackers: The Hidden Cybersecurity Risks in Life Sciences

Getting a new credit card number is relatively easy, but you can't get a new genome. In October 2023, 23andMe experienced a data breach...

Read Article

October 23, 2025 07:00 AM

23andMe’s Data-Theft Victims Offered ‘Genetic Monitoring’ to Ward Off Hackers

A trove of the bankrupt company's DNA profiles on millions of users is up for sale on the darknet.

Read Article

September 17, 2025 07:00 AM

23andMe Requests Bankruptcy Judge Approve Revised $50 Million Data Breach Settlement

23andMe has proposed an increased settlement fund to resolve U.S. litigation over its 2023 data breach, adding a further $20 million to the...

Read Article

July 17, 2025 07:00 AM

Privacy, Consent, and National Security After the 23andMe Bankruptcy

The sale of 23andMe's DNA database underscores the need to ban the transaction of Americans' genetic data as a corporate asset.

Read Article

July 14, 2025 07:00 AM

23andMe users have until today to file a claim in the DNA company's bankruptcy case. Here's how to do it.

Today is the deadline for 23andMe customers to submit a claim for compensation, if eligible.

Read Article

July 14, 2025 07:00 AM

Today is your last chance to file a claim with 23andMe for your genetic data in 2023

July 14 at 11:59 p.m. CT is your last chance to file a claim with 23andMe for a 2023 data breach that may have compromised your genetic...

Read Article

July 13, 2025 07:00 AM

23andMe data breach: Deadline looms for customers seeking compensation

A 2023 cyberattack compromised the sensitive personal information of nearly 7 million customers.

Read Article

July 11, 2025 07:00 AM

23andMe users have until this date to file a claim in bankruptcy case: Here’s how to do it

If you have a 23andMe account, you have until July 14 to file a claim as part of the restructuring in its bankruptcy case.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-49416

SUMMARY

The CONS_HISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An unprivileged local user with access to a vt(4) device can trigger an out-of-bounds write in the kernel, potentially escalating privileges.

Published

Date2026-06-27

Updated

Date2026-06-27

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

https://security.freebsd.org/advisories/FreeBSD-SA-26:34.vt.asc

CVE-2026-49414

SUMMARY

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user can disable ASLR for a setuid PIE binary by calling procctl(2) before execve(2). This makes exploitation of any separate memory corruption vulnerability in that binary significantly easier.

Published

Date2026-06-27

Updated

Date2026-06-27

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

https://security.freebsd.org/advisories/FreeBSD-SA-26:32.elf.asc

CVE-2026-49417

SUMMARY

Second, the audio buffer backing a mapping could be freed when the device was closed even though the mapping remained valid. The freed memory could then be reused elsewhere while still accessible through the stale mapping. The /dev/dsp device nodes are world-accessible by default. On a system with an audio device, either issue allows an unprivileged local user to read and write kernel memory, which can be used to escalate privileges, potentially gaining full control of the affected system. At a minimum, an attacker can crash the kernel, resulting in a Denial of Service (DoS).

Published

Date2026-06-27

Updated

Date2026-06-27

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

https://security.freebsd.org/advisories/FreeBSD-SA-26:27.sound.asc

CVE-2026-49413

SUMMARY

The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the P_SUGID process flag. During execve(2), this flag is not yet set at the point where the auxiliary vector is constructed, so AT_SECURE was incorrectly set to zero for set-user-ID and set-group-ID executables. An unprivileged local user can inject a shared library via LD_PRELOAD into a set-user-ID or set-group-ID Linux binary, gaining the privileges of that binary.

Published

Date2026-06-27

Updated

Date2026-06-27

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

https://security.freebsd.org/advisories/FreeBSD-SA-26:30.linux.asc

CVE-2026-49412

SUMMARY

The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged local user can exploit this use-after-free to escalate privileges.

Published

Date2026-06-27

Updated

Date2026-06-27

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

https://security.freebsd.org/advisories/FreeBSD-SA-26:29.ip6_multicast.asc

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…