DATA BREACH - 23andMe Jewish & Chinese Consumers May be Affected
23andMe (NASDAQ:ME) faced a significant data breach in December 2023, affecting approximately 7 million users of its genetic services website. A recently filed class complaint alleges that hackers specifically targeted the personal genetic information of Jewish and Chinese customers, compiling and selling this data on the dark web. The breach reportedly included a list of over 1 million Jewish customers and 350,000 Chinese customers. The lawsuit claims 23andMe has not fully informed affected customers about the extent of the breach or the targeted nature of the attack. The disclosure poses potential safety risks, particularly for Chinese citizens. Legal action is being pursued for affected individuals, especially those with Ashkenazi Jewish heritage or Chinese ancestry in specific states.
23andMe (NASDAQ:ME) ha subito una significativa violazione dei dati nel dicembre 2023, coinvolgendo circa 7 milioni di utenti del suo sito di servizi genetici. Una recente denuncia collettiva sostiene che gli hacker abbiano mirato specificamente alle informazioni genetiche personali di clienti ebrei e cinesi, compilando e vendendo questi dati sul dark web. La violazione avrebbe incluso un elenco di oltre 1 milione di clienti ebrei e 350.000 clienti cinesi. La causa legale afferma che 23andMe non ha informato adeguatamente i clienti colpiti sull'estensione della violazione o sulla natura mirata dell'attacco. La divulgazione rappresenta rischi potenziali per la sicurezza, in particolare per i cittadini cinesi. Sono in corso azioni legali per gli individui colpiti, specialmente quelli con eredito ebraico ashkenazita o ascendenza cinese in determinati stati.
23andMe (NASDAQ:ME) enfrentó una significativa filtración de datos en diciembre de 2023, que afectó a aproximadamente 7 millones de usuarios de su sitio web de servicios genéticos. Una reciente demanda colectiva alega que los hackers atacaron específicamente la información genética personal de clientes judíos y chinos, recopilando y vendiendo estos datos en la dark web. La filtración incluyó un listado de más de 1 millón de clientes judíos y 350,000 clientes chinos. La demanda sostiene que 23andMe no ha informado completamente a los clientes afectados sobre la magnitud de la filtración ni sobre la naturaleza específica del ataque. La divulgación plantea riesgos potenciales para la seguridad, especialmente para los ciudadanos chinos. Se están tomando acciones legales para los individuos afectados, particularmente aquellos con herencia judía asquenazí o ascendencia china en estados específicos.
23andMe (NASDAQ:ME)는 2023년 12월에 데이터 유출 사건을 겪었으며, 이는 약 700만 사용자의 유전 서비스 웹사이트에 영향을 미쳤습니다. 최근 제기된 집단 소송은 해커들이 유대인 및 중국 고객의 개인 유전 정보를 겨냥하여 이 데이터를 다크 웹에서 수집하고 판매했다고 주장합니다. 유출된 내용에는 100만 명 이상의 유대인 고객과 35만 명의 중국 고객에 대한 리스트가 포함되어 있는 것으로 알려졌습니다. 소송은 23andMe가 영향을 받은 고객들에게 유출의 범위나 공격의 구체적인 성격에 대해 충분히 알리지 않았다고 주장합니다. 이 공개는 특히 중국 시민들에게 잠재적인 안전 위험을 초래합니다. 피해를 입은 개인들을 위한 법적 조치가 취해지고 있으며, 특히 특정 주에 사는 아슈케나지 유대인 유전자 또는 중국 조상을 가진 사람들이 포함됩니다.
23andMe (NASDAQ:ME) a subi une importante violation de données en décembre 2023, touchant environ 7 millions d'utilisateurs de son site de services génétiques. Une plainte collective récemment déposée allègue que des hackers ont spécifiquement ciblé les informations génétiques personnelles de clients juifs et chinois, compilant et vendant ces données sur le dark web. La violation aurait inclus une liste de plus de 1 million de clients juifs et 350 000 clients chinois. La poursuite prétend que 23andMe n'a pas complètement informé les clients affectés sur l'étendue de la violation ou la nature ciblée de l'attaque. La divulgation pose des risques potentiels pour la sécurité, en particulier pour les citoyens chinois. Des actions légales sont en cours pour les individus touchés, en particulier ceux ayant des origines juives ashkénazes ou des ancêtres chinois dans des États spécifiques.
23andMe (NASDAQ:ME) war im Dezember 2023 von einem erheblichen Datenleck betroffen, das etwa 7 Millionen Nutzer seiner genetischen Dienstleistungs-Website betraf. Eine kürzlich eingereichte Sammelklage behauptet, dass Hacker speziell die persönlichen genetischen Informationen von jüdischen und chinesischen Kunden ins Visier genommen haben, um diese Daten im Dark Web zu sammeln und zu verkaufen. Der Datenleck soll eine Liste von über 1 Million jüdischen Kunden und 350.000 chinesischen Kunden enthalten haben. Die Klage stellt in Frage, dass 23andMe die betroffenen Kunden nicht ausreichend über das Ausmaß des Lecks oder die zielgerichtete Natur des Angriffs informiert hat. Die Offenlegung birgt potenzielle Sicherheitsrisiken, insbesondere für chinesische Staatsbürger. Es werden rechtliche Schritte für betroffene Personen eingeleitet, insbesondere für diejenigen mit aschkenasisch-jüdischer Herkunft oder chinesischer Abstammung in bestimmten Bundesstaaten.
- None.
- Data breach affecting 7 million users
- Targeted attack on Jewish and Chinese customers' genetic information
- Personal data sold on the dark web
- Potential safety risks for affected customers
- Alleged failure to fully disclose breach details to customers
- Legal action and potential compensation claims against the company
Insights
This data breach at 23andMe is highly concerning from a cybersecurity perspective. The targeted nature of the attack, focusing on specific ethnic groups, adds a layer of complexity and potential for harm. The delayed and incomplete disclosure by 23andMe is a significant lapse in incident response best practices.
The alleged sale of genetic data on the dark web poses severe privacy risks. Genetic information is uniquely sensitive, as it's immutable and can reveal health predispositions. The potential for misuse, including identity theft or genetic discrimination, is substantial. The scale of the breach (
This incident underscores the critical need for robust cybersecurity measures in handling sensitive genetic data and transparent communication in the event of a breach.
This data breach presents significant legal implications for 23andMe. The company may face:
- Class action lawsuits for negligence in data protection
- Regulatory scrutiny under laws like GDPR or CCPA
- Potential FTC investigation for deceptive practices in breach notification
The targeted nature of the breach against specific ethnic groups could lead to discrimination claims. 23andMe's alleged failure to fully disclose the extent and nature of the breach may violate data breach notification laws in various jurisdictions.
The company's attempt to shift blame to customers for recycled passwords likely won't shield them from liability. This case could set important precedents for genetic data protection and breach disclosure requirements in the biotech industry.
This data breach poses significant financial and reputational risks for 23andMe (NASDAQ:ME). The company may face:
- Substantial legal costs from class-action lawsuits
- Potential regulatory fines
- Increased cybersecurity expenses
- Loss of customer trust and potential business
The stock is likely to face downward pressure as the market digests the full impact of this breach. The targeted nature of the attack and alleged mishandling of disclosure could lead to a more severe and prolonged impact on the company's valuation.
Long-term, this incident may necessitate significant investments in cybersecurity and changes to data handling practices, potentially impacting 23andMe's cost structure and profitability. Investors should closely monitor the company's response and any regulatory actions.
NEW YORK, NY / ACCESSWIRE / August 9, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.
The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.
According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan." These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.
The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.
According to the lawsuit, to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.
IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:
ADDITIONAL BACKGROUND:
According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."
"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."
A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.
Golem listed prices for the customer profiles at
Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.
23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites. Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.
Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:
Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a
CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/
SOURCE: Levi & Korsinsky, LLP
View the original press release on accesswire.com
FAQ
What was the extent of the 23andMe data breach in December 2023?
How many Jewish and Chinese customers were affected by the 23andMe data breach?
What type of information was compromised in the 23andMe (ME) data breach?
How was the stolen 23andMe data used by hackers?