STOCK TITAN

DATA BREACH - 23andMe Jewish & Chinese Consumers May be Affected

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Negative)
Tags
Rhea-AI Summary
23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data into lists that were sold on the dark web. The company concealed these details when notifying affected customers. The lawsuit reveals that the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war, and a list of 350,000 Chinese customers upon request from a user with the alias 'Wuhan'. This disclosure threatens the safety of the customers. 23andMe has not informed the compromised customers that their personal genetic information was disclosed on the dark web, nor that they were specifically targeted. The PR also mentions the hacker's actions, prices for customer profiles, and 23andMe's attempt to shift the blame to customers.
Positive
  • None.
Negative
  • 23andMe was hacked, affecting 7 million users
  • Hackers targeted genetic information of Jewish and Chinese customers
  • The company concealed details when notifying affected customers
  • The disclosure threatens the safety of the customers
  • 23andMe has not informed compromised customers of the breach
  • 23andMe attempted to shift the blame to customers

Insights

The recent data breach at 23andMe raises significant cybersecurity concerns. The targeted nature of the attack, focusing on the genetic data of specific ethnic groups, underscores the evolving threat landscape where cybercriminals are not only after financial gain but also potentially engaging in espionage or identity-based attacks. This incident highlights the need for robust security protocols, especially for companies handling sensitive personal data. The sale of such data on the dark web could have far-reaching implications, potentially leading to identity theft, discrimination, or even geopolitical tensions.

For businesses, this event is a stark reminder of the importance of cybersecurity diligence and the potential costs associated with data breaches, including legal fees, compensation and loss of customer trust. The long-term impact on 23andMe's reputation and customer base could be significant, especially if the company is found to have been negligent in its duty to protect user data or in its response to the breach.

The class action lawsuit against 23andMe for its handling of the data breach could have substantial legal ramifications. If the allegations that the company failed to adequately inform the affected customers are proven, 23andMe could face hefty fines and be required to implement corrective measures. The legal proceedings will likely hinge on the company's adherence to data protection laws and regulations, such as the GDPR, CCPA and others that mandate prompt notification and transparent communication following a data breach.

Furthermore, the specific targeting of ethnic groups may introduce aspects of discrimination and violation of privacy rights, potentially exacerbating the legal consequences. The outcome of this case could set a precedent for how companies are expected to handle and disclose cyberattacks, particularly those involving sensitive personal information.

The disclosure of the 23andMe data breach is likely to have immediate financial implications for the company. Investors will be closely monitoring the situation, as the breach could lead to a decline in consumer confidence, potentially affecting subscription renewals and new customer acquisition. Additionally, the costs associated with legal defense, potential settlements and increased security measures to prevent future breaches will likely impact the company's financial performance.

From a market perspective, this breach could also affect the stock price of 23andMe as the market reacts to the perceived risk and uncertainty. The extent of the impact will depend on how effectively the company manages the crisis and the eventual legal outcomes. It's also possible that the broader biotech and genetic testing industry may face increased scrutiny and regulatory pressure, which could affect market valuations.

NEW YORK, NY / ACCESSWIRE / February 6, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.

The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.

According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan."These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.

The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.

According to the lawsuit,to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.

IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:

https://bit.ly/3sYm8Cn

ADDITIONAL BACKGROUND:

According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."

"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."

A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.

Golem listed prices for the customer profiles at $1,000 for 100 profiles, $5,000 for 1,000 profiles, $20,000 for 10,000 profiles and $100,000 for 100,000 profiles.

Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.

23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites.Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.

Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:

https://bit.ly/3sYm8Cn

Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a 100% contingency firm - we don't get paid unless you get paid! Please visit us as www.zlk.com for more information. Attorney Advertising. Prior results do not guarantee similar outcomes.

Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
www.zlk.com

CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/

SOURCE: Levi & Korsinsky, LLP



View the original press release on accesswire.com

FAQ

What happened to 23andMe in December 2023?

23andMe was hacked, affecting approximately 7 million users of its genetic services website.

Who were the hackers targeting?

The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data into lists that were sold on the dark web.

What actions did the hacker take with the leaked data?

The hacker leaked a list of over 1 million Jewish customers in retribution for the Israel-Hamas war, and a list of 350,000 Chinese customers upon request from a user with the alias 'Wuhan'. The leaked information was sold on the dark web.

What did 23andMe conceal from affected customers?

23andMe concealed the details of the hacker's actions and the specific targeting of Jewish and Chinese customers when notifying affected customers.

What did 23andMe attempt to do after the breach?

23andMe attempted to shift the blame to customers, telling them that the breach was a result of using recycled login credentials from their accounts on other websites.

How did the disclosure of the lists threaten the safety of the customers?

The disclosure of the lists threatens the safety of the customers, including from the Chinese government, which has a long history of tracking Chinese citizens.

Has 23andMe informed the compromised customers of the breach?

No, 23andMe has not informed compromised customers that their personal genetic information was disclosed on the dark web, nor that they were specifically targeted.

23andMe Holding Co.

NASDAQ:ME

ME Rankings

ME Latest News

ME Stock Data

82.79M
18.44M
3.65%
33.33%
3.98%
Diagnostics & Research
Pharmaceutical Preparations
Link
United States of America
SUNNYVALE