DATA BREACH - 23andMe Jewish & Chinese Consumers May be Affected

Rhea-AI Summary

23andMe (NASDAQ:ME) suffered a significant data breach in December 2023, impacting approximately 7 million users. Recent revelations from a class-action lawsuit indicate that hackers specifically targeted the genetic information of Jewish and Chinese customers, which the company allegedly concealed from the affected users. The hackers leaked lists of this sensitive information on the dark web, posing significant security risks to those individuals. 23andMe has been criticized for its delayed and incomplete disclosure of the breach's extent, and the lawsuit seeks compensation for those affected.

Positive

• None.

Negative

• Data breach affected approximately 7 million users.
• Hackers specifically targeted Jewish and Chinese customers.
• Sensitive genetic and personal information leaked on the dark web.
• Potential security risks for affected individuals.
• 23andMe accused of concealing critical details from users.
• Delayed disclosure of the data breach by 23andMe.
• Potential damage to 23andMe's reputation and customer trust.
• Possible financial liabilities from class-action lawsuit.

Insights

Cybersecurity Expert

The breach at 23andMe with a focus on Jewish and Chinese data is an alarming development in the cybersecurity domain. For investors, this incident raises substantial concerns regarding the company's data protection protocols and overall cybersecurity infrastructure. Targeted data breaches can severely harm public trust and lead to significant financial liabilities. The fact that specific ethnic groups were targeted adds a layer of complexity and sensitivity to the issue. The reputational damage alone could impact customer acquisition and retention, while the ongoing lawsuit may lead to considerable financial penalties and increased regulatory scrutiny. Investors should be wary of how 23andMe plans to bolster its cybersecurity measures moving forward and whether they can regain user trust, which is critical for their business model reliant on users' personal genetic information.

Rating: -1

Legal Expert

The legal ramifications of 23andMe's data breach are extensive. The class action lawsuit not only highlights potential negligence on the company's part in protecting user data but also in their transparency following the breach. The allegations that 23andMe withheld information from affected customers about the extent and specifics of the breach could lead to severe legal consequences. The emphasis on targeted groups, namely Jewish and Chinese customers, could result in claims of discrimination or bias in data handling, further complicating the legal landscape. Financial liabilities stemming from settlements or judgments could be substantial. Moreover, the legal costs and potential regulatory fines could strain the company’s resources.

Rating: -1

Financial Analyst

From a financial perspective, the data breach could considerably impact 23andMe’s stock performance and overall financial health. In the short term, we can expect increased volatility in 23andMe’s stock price as investors react to the news and potential fallout from the lawsuit. The breach and associated lawsuit present risks of significant financial penalties and settlements, increased operational costs to enhance cybersecurity and potential loss of business if customers lose trust in the company's ability to safeguard their personal information. Long-term, the company will need to spend significantly on rebuilding its brand and customer trust, which could affect profitability. Investors should monitor how the company manages the fallout and their strategic responses to prevent future breaches.

Rating: -1

NEW YORK, NY / ACCESSWIRE / May 29, 2024 / 23andMe (NASDAQ:ME) was hacked in December 2023, affecting approximately 7 million users of its genetic services website. According to a recently filed class complaint, hackers who infiltrated 23andMe's system were after the personal information of Jewish and Chinese customers, but the company hid that detail when notifying affected customers.

The hackers specifically targeted the personal genetic information of Jewish and Chinese customers and compiled that data - including genetic heritage, names, and addresses - into lists that were then sold on the dark web, but 23andMe concealed both those revelations when it announced the extent of the breach in December 2023.

According to the lawsuit, the hacker leaked a list of over 1 million Jewish customers expressly in retribution for the Israel-Hamas war. The hacker was also more than happy to leak a list of 350,000 Chinese customers upon request from a user with the alias "Wuhan."These lists generated a huge amount of interest from hackers on the dark web from all over the world and were shared and reshared an untold number of times.

The disclosure of these lists threatens the safety of those customers, including from the Chinese government, which has a long history of tracking Chinese citizens.

According to the lawsuit,to this day, 23andMe has not informed the 7 million compromised customers that their personal genetic information was disclosed on the dark web, nor has it told its Jewish and Chinese customers that they were specifically targeted.

IF YOU ARE A VULNERABLE person whose personal genetic information identifies you as having Ashkenazi Jewish heritage or Chinese ancestry, and/or live in California, Illinois, Oregon, or Alaska, please contact us to review your rights and eligibility for compensation:

https://bit.ly/3sYm8Cn

ADDITIONAL BACKGROUND:

According to a recently filed class action complaint, on Oct. 1, 2023, a hacker using the alias "Golem" leaked the 23andMe data of 1 million Ashkenazi Jews on Breach Forums, calling it "the most valuable data you'll ever see."

"Golem's explicit targeting of Jewish 23andMe users is further conveyed by his use of the character 'Gollum' from The Lord of the Rings - a creature driven by greed with ugly and outsized facial features - as his profile picture."

A few hours later, a user with the alias "Wuhan" asked Golem if he had "Chinese accounts," according to the complaint. The next day, Golem leaked the data of 7 million users, saying in the post that the customer information included phenotype and health information, photos, and identification data.

Golem listed prices for the customer profiles at $1,000 for 100 profiles, $5,000 for 1,000 profiles, $20,000 for 10,000 profiles and $100,000 for 100,000 profiles.

Interest in the leaked Jewish and Chinese information was immediate and overwhelming following an Israeli bombing of a Palestinian hospital.

23andMe attempted to shift the blame to customers, telling them the breach was a result of customers using recycled login credentials from their accounts on other websites.Further, 23andMe then waited until December to report that 7 million customers were directly affected by the breach and didn't say anything about the data being sold on the dark web or that Jewish and Chinese customers were specifically targeted.

Levi Korsinsky, LLP is investigating whether affected customers are entitled to compensation. If you have received a notice about the data breach, you may be entitled to compensation. There is no cost or obligation to participate. Follow the link below to find out more:

https://bit.ly/3sYm8Cn

Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against large corporations. The firm's team of over 70 extraordinary attorneys and professionals have a winning track record going against the most powerful defense attorneys in the world and know how to maximize your compensation. The firm is a 100% contingency firm - we don't get paid unless you get paid! Please visit us as www.zlk.com for more information. Attorney Advertising. Prior results do not guarantee similar outcomes.

CONTACT:
Levi & Korsinsky, LLP
Joseph E. Levi, Esq.
Ed Korsinsky, Esq.
33 Whitehall Street, 17th Floor
New York, NY 10004
jlevi@levikorsinsky.com
Tel: (212) 363-7500
Fax: (212) 363-7171
https://zlk.com/

SOURCE: Levi & Korsinsky, LLP

View the original press release on accesswire.com

FAQ

What was the impact of the 23andMe data breach?

The data breach affected approximately 7 million users of 23andMe's genetic services.

Which specific groups were targeted in the 23andMe data breach?

Hackers specifically targeted the genetic information of Jewish and Chinese customers.

When did the 23andMe data breach occur?

The data breach occurred in December 2023.

How did 23andMe handle the data breach disclosure?

23andMe has been criticized for delaying the disclosure and not informing users about the specific targeting of Jewish and Chinese customers.

What are the potential risks of the 23andMe data breach?

Leaked genetic and personal information on the dark web poses significant security risks to the affected individuals.

What legal actions are being taken against 23andMe?

A class-action lawsuit has been filed seeking compensation for the affected customers.

How might the data breach affect 23andMe's business?

The breach could damage 23andMe's reputation and result in financial liabilities from the lawsuit.

What information was compromised in the 23andMe data breach?

Compromised information includes genetic heritage, names, addresses, phenotype and health information, photos, and identification data.