23andMe Holding Co (NASDAQ: ME) Jewish and Chinese Users

Rhea-AI Summary

23andMe (NASDAQ: ME) faced a significant data breach in December 2023, affecting approximately 7 million users. A recently filed class complaint alleges that hackers specifically targeted the personal genetic information of Jewish and Chinese customers. The breach resulted in the compilation and sale of sensitive data on the dark web, including genetic heritage, names, and addresses. Key points:

• Over 1 million Jewish customers' data was leaked in retaliation for the Israel-Hamas war
• 350,000 Chinese customers' data was leaked upon request
• 23andMe allegedly concealed these details when notifying affected customers
• The company attempted to shift blame to customers for using recycled login credentials
• A class action lawsuit is being pursued for affected customers, particularly those with Ashkenazi Jewish heritage or Chinese ancestry

Positive

• None.

Negative

• Major data breach affecting approximately 7 million users
• Targeted leak of sensitive genetic information for Jewish and Chinese customers
• Potential safety threats to affected customers, including from foreign governments
• Alleged concealment of breach details and targeted nature of the attack
• Possible legal and financial repercussions from class action lawsuit

Cybersecurity Expert

This data breach at 23andMe is highly concerning from a cybersecurity perspective. The targeted nature of the attack, focusing on specific ethnic groups, adds a layer of complexity and potential for harm beyond typical data breaches. The delayed and incomplete disclosure by 23andMe is particularly troubling, as it prevented affected users from taking timely protective measures.

The sale of genetic data on the dark web poses significant long-term risks. Unlike passwords or credit card numbers, genetic information cannot be changed and could be misused for years to come. This incident highlights the critical need for enhanced security measures in companies handling sensitive genetic data, as well as more stringent regulations and transparency requirements in the event of breaches.

Legal Analyst

This case presents serious legal implications for 23andMe. The company's alleged failure to fully disclose the nature and extent of the breach could potentially violate data protection laws in multiple jurisdictions. The targeted nature of the breach against specific ethnic groups might also raise questions about discrimination and equal protection under the law.

The class action lawsuit is likely to focus on 23andMe's duty of care in protecting sensitive genetic information and its breach notification practices. If the allegations are proven, 23andMe could face substantial financial penalties and reputational damage. This case may set important precedents for how genetic testing companies handle data breaches and their responsibilities to affected customers.

Financial Analyst

This data breach and subsequent lawsuit pose significant financial risks for 23andMe. The company may face substantial legal costs, potential regulatory fines and settlement payouts to affected customers. Moreover, the reputational damage could lead to a decline in customer trust and potentially impact future revenue streams.

Investors should be concerned about the long-term implications on 23andMe's business model, which relies heavily on customer data. This incident might necessitate increased investment in cybersecurity measures, potentially affecting profit margins. The stock price could experience volatility as more details emerge about the breach and its financial impact. Shareholders should closely monitor the company's response and any regulatory actions in the coming months.

NEW YORK, NY / ACCESSWIRE / August 6, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.

The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.

According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan." These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.

The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.

According to the lawsuit, to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.

IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:

https://bit.ly/3sYm8Cn

ADDITIONAL BACKGROUND:

According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."

"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."

A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.

Golem listed prices for the customer profiles at $1,000 for 100 profiles, $5,000 for 1,000 profiles, $20,000 for 10,000 profiles and $100,000 for 100,000 profiles.

Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.

23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites. Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.

Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:

https://bit.ly/3sYm8Cn

Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a 100% contingency firm - we don't get paid unless you get paid! Please visit us as www.zlk.com for more information. Attorney Advertising. Prior results do not guarantee similar outcomes.

CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/

SOURCE: Levi & Korsinsky, LLP

View the original press release on accesswire.com

FAQ

What was the extent of the 23andMe (ME) data breach in December 2023?

The 23andMe data breach in December 2023 affected approximately 7 million users, with hackers specifically targeting personal genetic information of Jewish and Chinese customers.

How many Jewish and Chinese 23andMe (ME) customers were affected by the data leak?

According to the lawsuit, over 1 million Jewish customers and 350,000 Chinese customers had their data leaked and sold on the dark web.

What specific information was leaked in the 23andMe (ME) data breach?

The leaked information included genetic heritage, names, addresses, phenotype and health information, photos, and identification data of affected 23andMe customers.

How did 23andMe (ME) respond to the data breach allegations?

23andMe allegedly attempted to shift blame to customers for using recycled login credentials and did not disclose the targeted nature of the attack or the sale of data on the dark web when notifying affected users.

What legal action is being taken against 23andMe (ME) regarding the data breach?

A class action lawsuit has been filed, and affected customers, particularly those with Ashkenazi Jewish heritage or Chinese ancestry, are being encouraged to review their rights and eligibility for compensation.