Our investigation determined the threat actor downloaded or accessed your uninterrupted raw genotype data, and may have accessed other sensitive information in your account,

Fascinating. I was under the impression that you couldn’t get that without having it sent to your email address. I certainly haven’t seen any other ways of getting raw genomics out.

Is this that the threat actor sent it to an email that was potentially compromised or do they have download logs of some form of hidden direct download feature?