23andMe Data Breach - Hackers Targeted Jewish and Chinese Users Data
On June 14, 2024, 23andMe (NASDAQ: ME) disclosed a data breach from December 2023 affecting 7 million users. Hackers targeted the personal genetic information of Jewish and Chinese customers, which was sold on the dark web. The breach was not fully disclosed to the affected customers, sparking a class action lawsuit. Hackers leaked 1 million Jewish profiles and 350,000 Chinese profiles in retaliation for global events and specific requests. The breach potentially endangers the safety of these individuals. 23andMe initially blamed recycled login credentials for the breach and delayed full disclosure until December.
- 23andMe quickly identified that 7 million users were affected by the breach.
- The company has received immediate attention and action from legal firms specializing in consumer rights.
- Potential legal actions could result in financial compensation for affected users.
- The breach put 7 million users' personal information at risk, including sensitive genetic data.
- Jewish and Chinese customers were specifically targeted, leading to potential safety threats.
- The data was sold on the dark web, compounding the privacy violation.
- 23andMe delayed full disclosure of the breach and the extent of targeted data until December.
- The blame was initially shifted to users for using recycled login credentials.
- Potential lawsuits and the breach can damage the company's reputation and consumer trust.
- Financial and operational impacts from potential compensation claims and regulatory scrutiny.
Insights
The data breach at 23andMe involving the targeted genetic information of Jewish and Chinese users presents severe implications for cybersecurity and data privacy standards. The breach not only exposed sensitive genetic information but also highlighted specific targeting based on ethnicity, which makes it a significant privacy violation. The sale of this information on the dark web exacerbates the risks to affected individuals, who could face identity theft, harassment, or political persecution. Such incidents underscore the essential need for robust cybersecurity measures and transparency from companies handling personal data. Investors should note the potential long-term impact on trust and the company's reputation, which could drive users away.
The legal implications of 23andMe's data breach are profound, especially given the class action lawsuit alleging the company concealed critical details of the breach. The fact that specific ethnic groups were targeted and this information was withheld from customers could lead to significant legal repercussions. This concealment might be interpreted as a breach of fiduciary duty and privacy laws, leading to substantial fines and settlements. For investors, this represents a long-term financial risk as legal battles can be costly and protracted, impacting the company's bottom line and share value.
From a market perspective, the breach and subsequent handling by 23andMe could erode consumer confidence. The biotech and genetic testing industry relies heavily on consumer trust, given the sensitivity of the data involved. This breach could lead to a decline in user registrations and a potential loss of existing customers, affecting revenue growth. Additionally, competitors might leverage this incident to position themselves as more secure alternatives. Investors should watch for any shifts in market share and changes in user growth metrics over the coming quarters as potential indicators of the breach's impact.
NEW YORK, NY / ACCESSWIRE / June 14, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.
The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.
According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan."These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.
The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.
According to the lawsuit,to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.
IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:
ADDITIONAL BACKGROUND:
According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."
"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."
A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.
Golem listed prices for the customer profiles at
Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.
23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites.Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.
Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:
Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a
CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/
SOURCE: Levi & Korsinsky, LLP
View the original press release on accesswire.com
FAQ
What was the impact of the 23andMe data breach in December 2023?
Why were Jewish and Chinese users specifically targeted in the 23andMe hack?
When did 23andMe disclose the breach affecting 7 million users?
What data was compromised in the 23andMe hack?
What are the legal implications of the 23andMe data breach for investors?
