23andMe Holding Co (NASDAQ:ME) Jewish and Chinese Users
- None.
- Potential risks for affected customers due to the disclosure of personal genetic information on the dark web.
- Allegations of negligence and lack of transparency against 23andMe for not disclosing the targeting of Jewish and Chinese customers by hackers.
Insights
The incident involving 23andMe highlights significant cybersecurity vulnerabilities within the genetic testing industry. The targeted nature of this breach, focusing on specific ethnic groups, raises concerns about the potential for genetic information to be misused for discriminatory purposes. The sale of genetic information on the dark web can lead to a myriad of risks, including identity theft, extortion and even bio-targeting.
From a cybersecurity perspective, the delay in disclosing the full extent of the breach is troubling. Timely notification is critical to allow affected individuals to take protective measures. Furthermore, the company's attempt to shift blame to customers for reusing login credentials, while a valid security concern, does not absolve the company of its responsibility to safeguard user data with robust security measures.
It's imperative for companies holding sensitive data to implement advanced encryption methods, continuous monitoring and to educate users on best practices for account security. The impact of this breach on 23andMe's reputation and user trust could have significant long-term consequences for the company.
The filed class action lawsuit against 23andMe has substantial legal implications. Not only is the company facing accusations of failing to protect sensitive customer data, but the allegation that it concealed vital details about the breach could lead to increased scrutiny under data protection laws. In jurisdictions with stringent data privacy regulations, such as California's CCPA or Europe's GDPR, the penalties for non-compliance can be severe.
The specific targeting of Jewish and Chinese customers could also introduce elements of discrimination and hate crimes into the legal proceedings. If the company is found to have not taken adequate steps to inform the affected groups, it could face additional claims of negligence. The legal outcomes of this case could set a precedent for how genetic data breaches are handled in the future and may lead to calls for more robust data privacy legislation.
The breach at 23andMe is likely to have immediate and long-term financial repercussions for the company. In the short term, the company may experience a decline in user trust and brand reputation, potentially leading to a decrease in new user sign-ups and an increase in churn rates. The costs associated with the legal proceedings, potential settlements and increased security measures will likely impact the company's financial performance.
In the long term, the breach could lead to increased regulatory costs and the need for significant investments in cybersecurity infrastructure. Moreover, if the breach results in stricter industry regulations, the entire genetic testing sector could face higher compliance costs. Investors should monitor the situation closely, as the breach could affect not only 23andMe's stock price but also the valuation of similar companies in the genetic testing market.
NEW YORK, NY / ACCESSWIRE / February 26, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.
The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.
According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan."These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.
The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.
According to the lawsuit,to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.
IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:
ADDITIONAL BACKGROUND:
According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."
"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."
A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.
Golem listed prices for the customer profiles at
Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.
23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites.Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.
Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:
Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
www.zlk.com
CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/
SOURCE: Levi & Korsinsky, LLP
View the original press release on accesswire.com
FAQ
What caused the data breach at 23andMe (ME)?
How many users were affected by the data breach at 23andMe (ME)?
What information was targeted by hackers in the 23andMe (ME) data breach?
What actions did 23andMe (ME) take after the data breach?
Are there any lawsuits related to the 23andMe (ME) data breach?
How did hackers exploit the data from the 23andMe (ME) data breach?
What should vulnerable customers of 23andMe (ME) do?