In October 2023, 23andMe admitted this suffered a data breach It compromised the data of its users. Since then, the company has faced several lawsuits and therefore The New York Times, one of which accuses 23andMe of failing to warn customers that they were being specifically targeted because of their Chinese and Ashkenazi Jewish heritage. According to the plaintiffs, they were not informed that the test results with genetic information were compiled into curated lists that were then shared on the dark web. 23andMe recently left a copy part of the letters it sent to affected customers, and they did not refer to the users’ heritage.
The lawsuit was filed in San Francisco federal court after the company discovered the hack went unnoticed for months. The hackers apparently started accessing customers’ accounts using leaked login information in late April 2023 and continued their activities until September. By October, the company finally learned about the hackers. On October 1st, hackers leaked the names, home addresses and birth dates of 1 million users of Ashkenazi Jewish descent on BreachForums, a black hat hacking forum.
After someone responded to a post requesting access to “Chinese accounts,” the lawsuit said the poster was linked to a file containing information about 100,000 Chinese users. The poster also noted that it has access to 350,000 Chinese profiles and may release more if there is enough interest. In addition, the same poster allegedly returned to the forum in mid-October to sell information about “wealthy families serving Zionism” after the Al-Ahli Arab Hospital bombing in Gaza.
“The current geopolitical and social climate raises risks” for users whose data was exposed because the leaked data contained their names and addresses, according to the lawsuit. The plaintiffs want their case tried by a jury and seek compensatory, punitive and other damages.
