Loading
Yanuki
ARTICLE DETAIL
23andMe Faces Lawsuit Over 2023 Data Breach: What You Need to Know | Bitcoin Depot Sued After $76,000 ATM Scam Targets Retirees | Bitcoin ATM Fraud: Crypto Giants Fueling Scams Amid Crackdown | Law Firms Recognized Amid Private Equity Interest and Award Wins | Personal Injury Firms Expand AI Marketing and Geographic Reach | Law Firms Recognize Teachers and Excel in Legal Rankings | California Attorney General Sues 23andMe Over Data Breach | Criminal Defense Attorneys Expand Legal Resources and Services | Legal Updates: Personal Injury Law Developments | 23andMe Faces Lawsuit Over 2023 Data Breach: What You Need to Know | Bitcoin Depot Sued After $76,000 ATM Scam Targets Retirees | Bitcoin ATM Fraud: Crypto Giants Fueling Scams Amid Crackdown | Law Firms Recognized Amid Private Equity Interest and Award Wins | Personal Injury Firms Expand AI Marketing and Geographic Reach | Law Firms Recognize Teachers and Excel in Legal Rankings | California Attorney General Sues 23andMe Over Data Breach | Criminal Defense Attorneys Expand Legal Resources and Services | Legal Updates: Personal Injury Law Developments

Legal / Data Privacy

23andMe Faces Lawsuit Over 2023 Data Breach: What You Need to Know

Genetic testing company 23andMe is facing a lawsuit from California Attorney General Rob Bonta following a 2023 data breach that exposed the sensitive information of nearly 7 million users. The lawsuit alleges that 23andMe failed to adequat...

California AG Rob Bonta sues Bay Area genetic testing company 23andMe, alleging it failed to protect user data in 2023 breach
Share
X LinkedIn

what is a data breach
23andMe Faces Lawsuit Over 2023 Data Breach: What You Need to Know Image via ABC7 Bay Area

Key Insights

  • California Attorney General Rob Bonta is suing Chrome Holding Co. (formerly 23andMe) over a 2023 data breach that affected nearly 7 million users.
  • The lawsuit alleges that 23andMe failed to protect user data, and that the company was aware of suspicious activity months before acknowledging the breach.
  • Stolen data, including raw genetic information and health reports, was offered for sale on the dark web, specifically targeting Asian-Pacific Islander and Ashkenazi Jewish users.
  • The breach occurred due to a “credential stuffing” attack, where hackers used passwords exposed in previous breaches to access 23andMe accounts.
  • 23andMe is already dealing with the aftermath of the data breach, including a class-action lawsuit, bankruptcy proceedings, and a fine from the UK Information Commissioner's Office (ICO).

In-Depth Analysis

### Background 23andMe, founded in 2006, gained popularity for its direct-to-consumer DNA test kits, providing users with insights into their ancestry and genetic predispositions. However, the company has faced challenges in maintaining a sustainable business model, leading to bankruptcy proceedings and a sale to TTAM Research Institute.

### The Data Breach The 2023 data breach exposed a significant vulnerability in 23andMe's security measures. Hackers were able to access approximately 14,000 accounts, ultimately stealing the data of nearly 7 million customers. The stolen data included sensitive information such as:

  • Raw genetic data
  • Health reports
  • DNA shared with relatives
  • Locations and birth years of relatives

### Legal and Regulatory Repercussions In addition to the lawsuit from the California Attorney General, 23andMe has faced other legal and regulatory challenges related to the data breach:

  • **Class-Action Lawsuit:** 23andMe agreed to pay a $30 million cash settlement in a class-action lawsuit stemming from the data breach.
  • **UK ICO Fine:** The UK Information Commissioner's Office (ICO) fined 23andMe £2.31 million for failing to implement adequate security measures to protect user data.

### How to Prepare - **Change Passwords:** If you have a 23andMe account, change your password immediately and ensure it is unique and strong. - **Enable Multi-Factor Authentication:** If available, enable multi-factor authentication on your 23andMe account. - **Monitor Your Accounts:** Keep a close eye on your financial and personal accounts for any suspicious activity.

### Who This Affects Most This data breach disproportionately affects individuals of Asian-Pacific Islander and Ashkenazi Jewish descent, as their data was specifically targeted and offered for sale on the dark web during a period of rising hate and violence against these communities.

### Data-Driven Insights The lawsuit reveals that 23andMe detected suspicious login attempts as early as July 2023, yet failed to take appropriate action. This highlights the importance of proactive monitoring and timely response to potential security threats.

Read source article

FAQ

What is credential stuffing?

Credential stuffing is a type of cyberattack where hackers use stolen usernames and passwords from previous data breaches to attempt to log in to other accounts.

What type of data was exposed in the 23andMe data breach?

The exposed data included raw genetic data, health reports, DNA shared with relatives, and locations and birth years of relatives.

What steps has 23andMe taken to address the data breach?

23andMe has implemented two-step verification for logging in and required new customer passwords. The company has also made commitments to enhance protections for customer data and privacy.

Takeaways

  • 23andMe's data breach underscores the need for robust data protection measures, especially when dealing with sensitive genetic information.
  • Consumers should be aware of the risks involved in sharing their data with genetic testing companies and take steps to protect their accounts.
  • The lawsuit against 23andMe highlights the legal and regulatory consequences of failing to protect user data.

Discussion

Do you think 23andMe handled the data breach appropriately? What steps do you take to protect your online data? Share this article with others who need to stay ahead of this trend!

Sources

California AG Rob Bonta sues Bay Area genetic testing company 23andMe, alleging it failed to protect user data in 2023 breach 23andMe accused of failing to protect user data in new lawsuit California Attorney General sues 23andMe successor for 2023 data breach

Disclaimer

This article was compiled by Yanuki using publicly available data and trending information. The content may summarize or reference third-party sources that have not been independently verified. While we aim to provide timely and accurate insights, the information presented may be incomplete or outdated.

All content is provided for general informational purposes only and does not constitute financial, legal, or professional advice. Yanuki makes no representations or warranties regarding the reliability or completeness of the information.

This article may include links to external sources for further context. These links are provided for convenience only and do not imply endorsement.

Always do your own research (DYOR) before making any decisions based on the information presented.

Related Stories

Legal / Class Action

Bitcoin Depot Sued After $76,000 ATM Scam Targets Retirees

A class action lawsuit has been filed against Bitcoin Depot, alleging that their ATMs facilitated a scam that cost a retired couple their entire life savings. The lawsuit claims the company failed to protect vulnerable consumers from impers...

Bitcoin Depot class action alleges ATMs enabled $76K impersonation scam

Legal / Scams

Bitcoin ATM Fraud: Crypto Giants Fueling Scams Amid Crackdown

Bitcoin ATMs, once hailed as a convenient bridge between cash and cryptocurrency, are now under intense scrutiny due to their increasing association with scams and illegal activities. Despite growing concerns and regulatory crackdowns, majo...

Bitcoin ATM operator files for bankruptcy as Florida tightens rules to avoid fraud

Legal / Personal Injury

Law Firms Recognized Amid Private Equity Interest and Award Wins

This article summarizes recent recognition and trends in the personal injury law sector. It covers law firm awards and the increasing interest of private equity firms in personal injury practices, signaling a shift in the legal landscape.

Zaner Law Personal Injury Lawyers and Founder Kurt Zaner Recognized in 2026 Best Lawyers Rankings

Legal / Personal Injury

Law Firms Recognize Teachers and Excel in Legal Rankings

This article highlights how personal injury law firms are making a difference both in their communities and in the legal profession. Scott Vicknair Personal Injury Lawyers recognized a New Orleans teacher for her dedication, while Zaner Law...

Scott Vicknair Personal Injury Lawyers Surprises New Orleans Teacher with Cruise Through High Seas and ABCs Campaign

Business / Cybersecurity

California Attorney General Sues 23andMe Over Data Breach

California Attorney General Rob Bonta has filed a lawsuit against 23andMe, alleging the company failed to adequately protect customer data during a 2023 data breach. The breach affected nearly 7 million individuals, exposing sensitive genet...

California attorney general sues 23andMe for data breach

Legal / Criminal Law

Criminal Defense Attorneys Expand Legal Resources and Services

Several law firms and attorneys are expanding their resources and services to better assist individuals facing criminal charges, DUI accusations, and federal investigations. This includes enhanced digital resources, personalized legal repre...

Dallas Federal Criminal Defense Attorney John Helms Expands

Legal / Personal Injury

Legal Updates: Personal Injury Law Developments

This article summarizes recent developments impacting the personal injury law sector. It includes news of a significant wrongful death settlement, a law firm's expansion, and the introduction of innovative content marketing strategies desig...

Phillips Law Group Attorney Ojas Patil Secures $300,000 Wrongful Death Settlement in Peoria Crash