In my previous message, I presented 3 different pieces of evidence for this. The endpoint where the vulnerability is located => https://you.23andme.com/p/1/family/ibd_segments/?profile_id_1=53c961b2bc5e1c7d&profile_id_2=f800f1fdd208b58f,bfdad8a0e45f8a93,6106a0aed2b549f2,afc76d322a8c6098,40952072ccb8f805

By inputting the profile of the person you want into the profile_id_1 parameter, you could see the relationship between that person and the users in profile_id_2 based on segments, positions, centimorgans, and SNP count. Since I already had the haplogroup, origin, and location information of 14 million people, I found all the close relatives of any person with an average of 50 requests. For this, I wrote an advanced script and pulled all this data. I’m a real hacker; my life has not been spent with SIEM and WAF products like the 23andMe infosec team, but with writing programs.

¯ \(ツ)/¯