23andMe Holding Co (NASDAQ: ME) Jewish and Chinese Users
23andMe (NASDAQ: ME) faced a significant data breach in December 2023, affecting approximately 7 million users of its genetic services website. A recently filed class complaint reveals that hackers specifically targeted the personal genetic information of Jewish and Chinese customers. The breach resulted in the compilation and sale of sensitive data on the dark web, including a list of over 1 million Jewish customers and 350,000 Chinese customers. The lawsuit alleges that 23andMe concealed these details when notifying affected customers and has not informed them about the specific targeting or the extent of the data exposure on the dark web.
23andMe (NASDAQ: ME) ha subito una violazione significativa dei dati nel dicembre 2023, che ha colpito circa 7 milioni di utenti del suo sito web di servizi genetici. Una recente denuncia collettiva rivela che gli hacker hanno specificamente mirato alle informazioni genetiche personali di clienti ebrei e cinesi. La violazione ha portato alla compilazione e vendita di dati sensibili nel dark web, inclusa una lista di oltre 1 milione di clienti ebrei e 350.000 clienti cinesi. La causa afferma che 23andMe ha nascosto questi dettagli quando ha notificato i clienti colpiti e non li ha informati riguardo al miramento specifico o all'estensione dell'esposizione dei dati nel dark web.
23andMe (NASDAQ: ME) enfrentó una violación de datos significativa en diciembre de 2023, afectando aproximadamente a 7 millones de usuarios de su sitio web de servicios genéticos. Una demanda colectiva recientemente presentada revela que los hackers apuntaron específicamente a la información genética personal de clientes judíos y chinos. La violación resultó en la recopilación y venta de datos sensibles en la dark web, incluyendo una lista de más de 1 millón de clientes judíos y 350,000 clientes chinos. La demanda alega que 23andMe ocultó estos detalles al notificar a los clientes afectados y no les informó sobre el objetivo específico o la magnitud de la exposición de datos en la dark web.
23andMe (NASDAQ: ME)는 2023년 12월에 약 700만 사용자에게 영향을 미치는 중요한 데이터 유출 사건을 겪었습니다. 최근 제기된 집단 소송에 따르면 해커들은 유대인 및 중국 고객의 개인 유전 정보를 겨냥했습니다. 이번 유출로 인해 100만 명 이상의 유대인 고객과 35만 명의 중국 고객을 포함한 민감한 데이터가 다크 웹에서 수집되고 판매되었습니다. 소송은 23andMe가 영향을 받은 고객들에게 이러한 세부정보를 숨기고 다크 웹에서의 데이터 노출 범위나 특정 목표에 대해 알리지 않았다고 주장합니다.
23andMe (NASDAQ: ME) a connu une violation de données significative en décembre 2023, affectant environ 7 millions d'utilisateurs de son site de services génétiques. Une récente plainte collective révèle que des hackers ont spécifiquement ciblé les informations génétiques personnelles de clients juifs et chinois. Cette violation a abouti à la compilation et à la vente de données sensibles sur le dark web, y compris une liste de plus de 1 million de clients juifs et 350 000 clients chinois. La poursuite allègue que 23andMe a dissimulé ces détails lors de la notification des clients affectés et ne les a pas informés du ciblage spécifique ou de l'étendue de l'exposition des données sur le dark web.
23andMe (NASDAQ: ME) hatte im Dezember 2023 einen erheblichen Datenmissbrauch, der etwa 7 Millionen Nutzer seiner genetischen Dienstleistungswebsite betraf. Eine kürzlich eingereichte Klage zeigt, dass Hacker gezielt die persönlichen genetischen Informationen von jüdischen und chinesischen Kunden ins Visier genommen haben. Der Missbrauch führte zur Zusammenstellung und zum Verkauf sensibler Daten im Dark Web, darunter eine Liste von über 1 Million jüdischen Kunden und 350.000 chinesischen Kunden. Die Klage behauptet, dass 23andMe diese Details bei der Benachrichtigung der betroffenen Kunden verschwiegen hat und sie nicht über die gezielte Ansprache oder das Ausmaß der Datenexposition im Dark Web informiert hat.
- None.
- Data breach affecting 7 million users, potentially damaging customer trust and brand reputation
- Targeted leak of sensitive genetic information for Jewish and Chinese customers, raising security and discrimination concerns
- Alleged concealment of breach details, potentially leading to legal and regulatory consequences
- Possible financial impact from legal actions and compensation claims
- Potential loss of customers and market share due to security concerns
Insights
This data breach at 23andMe is extremely concerning from a cybersecurity perspective. The targeted nature of the attack, focusing on specific ethnic groups, adds a new layer of complexity to data protection strategies. The delay in full disclosure and the alleged concealment of critical details about the breach raise serious questions about 23andMe's incident response protocols.
The sale of genetic data on the dark web is particularly alarming. This information is immutable and highly sensitive, potentially exposing individuals to long-term risks. The breach highlights the need for stricter data protection measures in genetic testing companies, including enhanced encryption, multi-factor authentication and more transparent breach notification processes.
This incident may lead to increased regulatory scrutiny and could potentially result in significant financial and reputational damage for 23andMe. It also underscores the broader cybersecurity challenges faced by companies handling sensitive personal data.
The class action lawsuit against 23andMe presents significant legal challenges for the company. The allegations of concealment and delayed notification could potentially violate data breach notification laws in multiple jurisdictions. If proven, this could lead to substantial penalties and damages.
The targeting of specific ethnic groups adds a discriminatory element to the case, which could amplify legal repercussions. The company's attempt to shift blame to customers for using recycled credentials may not be a strong defense, especially if they failed to implement adequate security measures.
This case could set a precedent for genetic data protection and breach notification standards. It may also lead to increased regulatory scrutiny of the genetic testing industry as a whole. The potential for compensation to affected individuals is high, given the sensitive nature of the compromised data and the alleged mishandling of the breach notification.
This data breach and subsequent lawsuit pose significant financial risks for 23andMe. The company may face substantial legal costs, potential fines and compensation payouts to affected users. The reputational damage could lead to a loss of customer trust, potentially impacting future revenue streams.
Investors should be concerned about the long-term financial implications. The genetic testing market is highly competitive and this breach could give competitors an edge. 23andMe may need to invest heavily in cybersecurity upgrades and PR efforts to rebuild trust, which could strain its financial resources.
The stock price is likely to face downward pressure in the short to medium term as the market digests the full impact of this news. The company's ability to retain existing customers and attract new ones may be compromised, potentially affecting its growth projections and overall market valuation.
NEW YORK, NY / ACCESSWIRE / August 13, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.
The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.
According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan." These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.
The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.
According to the lawsuit, to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.
IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:
ADDITIONAL BACKGROUND:
According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."
"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."
A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.
Golem listed prices for the customer profiles at
Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.
23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites. Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.
Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:
Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a
CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/
SOURCE: Levi & Korsinsky, LLP
View the original press release on accesswire.com
FAQ
What was the extent of the 23andMe (ME) data breach in December 2023?
How many Jewish and Chinese customers were affected by the 23andMe (ME) data leak?
What specific information was leaked in the 23andMe (ME) data breach?