DATA BREACH- 23andMe Jewish & Chinese Consumers May be Affected

Rhea-AI Summary

23andMe (NASDAQ:ME) experienced a data breach in December 2023, affecting 7 million users. Hackers specifically targeted Jewish and Chinese customers, leaking personal genetic information including names and addresses, which was then sold on the dark web. Despite knowing the specific targeting, 23andMe did not inform the affected customers in their December notification. A class action lawsuit has been filed, accusing the company of concealing the extent of the breach and the specific targeting of Jewish and Chinese users. The leaked data has raised significant safety concerns, especially for Chinese customers due to potential government tracking.

Positive

• Class action lawsuit could potentially result in compensation for affected individuals.
• Levi & Korsinsky, LLP is actively investigating the breach, which may lead to legal accountability for 23andMe.

Negative

• Data breach affected 7 million users, exposing their personal genetic information.
• 23andMe failed to inform users of the specific targeting and sale of their data on the dark web.
• Specific targeting of Jewish and Chinese customers raises significant safety concerns.
• The breach has led to a loss of trust and potential legal repercussions.
• 23andMe delayed reporting the full extent of the breach, affecting its reliability and transparency.

Insights

Cybersecurity Expert

The recent data breach at 23andMe, affecting approximately 7 million users and specifically targeting Jewish and Chinese customers, highlights severe weaknesses in the company's cybersecurity infrastructure. The fact that sensitive genetic and personal data could be extracted and sold on the dark web raises significant concerns about the company's ability to protect its customers' information. In the short term, this data breach could lead to a substantial loss of customer trust and a potential decrease in user base, as security is paramount when dealing with genetic data. Long-term implications might include increased regulatory scrutiny and the need for significant investment in cybersecurity measures to rebuild trust and ensure compliance with data protection regulations. Investors should consider the financial and reputational damage this breach might inflict on the company, potentially affecting its market performance.

Financial Analyst

From a financial perspective, the data breach at 23andMe could have profound impacts. The immediate financial repercussions may include costs associated with legal fees, potential fines and settlements from class action lawsuits. Moreover, the breach could result in lost revenue as current and potential customers may choose alternative services due to trust issues. Looking ahead, the company may face increased operating expenses to enhance cybersecurity measures and may need to invest heavily in marketing to rebuild its reputation. Additionally, this incident could affect stock prices negatively in the short term due to investor concerns over the company's handling of sensitive information and the subsequent fallout.

Legal Expert

The legal implications of the data breach at 23andMe are substantial. The company is now facing a class-action lawsuit which alleges that they failed to properly inform affected customers about the extent of the breach and the specific targeting of Jewish and Chinese users. There could be significant legal ramifications if the court finds that 23andMe did not comply with data protection laws, such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). This situation could set a legal precedent for how genetic data companies must handle and disclose breaches, emphasizing the importance of transparency and robust cybersecurity measures. Legal outcomes could include hefty fines, mandated changes in data handling practices and ongoing legal scrutiny.

NEW YORK, NY / ACCESSWIRE / May 20, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.

The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.

According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan."These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.

The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.

According to the lawsuit,to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.

IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:

https://bit.ly/3sYm8Cn

ADDITIONAL BACKGROUND:

According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."

"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."

A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.

Golem listed prices for the customer profiles at $1,000 for 100 profiles, $5,000 for 1,000 profiles, $20,000 for 10,000 profiles and $100,000 for 100,000 profiles.

Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.

23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites.Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.

Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:

https://bit.ly/3sYm8Cn

Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a 100% contingency firm - we don't get paid unless you get paid! Please visit us as www.zlk.com for more information. Attorney Advertising. Prior results do not guarantee similar outcomes.

CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/

SOURCE: Levi & Korsinsky, LLP

View the original press release on accesswire.com

FAQ

What happened in the 23andMe data breach?

In December 2023, 23andMe experienced a data breach affecting 7 million users, with hackers targeting Jewish and Chinese customers' genetic information.

How many users were affected by the 23andMe data breach?

Approximately 7 million users were affected by the 23andMe data breach in December 2023.

Which groups were specifically targeted in the 23andMe data breach?

Jewish and Chinese customers were specifically targeted in the 23andMe data breach.

What kind of data was leaked in the 23andMe breach?

Personal genetic information, including names, addresses, and genetic heritage of Jewish and Chinese customers, was leaked.

Has 23andMe informed affected users about the specific targeting?

No, 23andMe did not inform affected users about the specific targeting or the sale of their data on the dark web.

What are the legal actions taken against 23andMe regarding the data breach?

A class action lawsuit has been filed against 23andMe for concealing the extent of the breach and the specific targeting of Jewish and Chinese customers.