And the company failed to notify users that their details were compiled in curated lists and leaked online.
In October 2023, 23andMe admitted that it suffered a data breach that compromised its users’ information. The company has been hit with several lawsuits since then, and according to The New York Times, one of them is accusing 23andMe of failing to notify customers that they were specifically targeted for having Chinese and Ashkenazi Jewish heritage. They also weren’t told that their test results with genetic information had been compiled in curated lists that were then shared on the dark web, the plaintiffs said. 23andMe recently released a copy of the letters it sent to affected customers, and they didn’t contain any reference to the users’ heritage.
The lawsuit was filed in federal court in San Francisco after the company revealed that the hack had gone unnoticed for months. Apparently, the hackers started accessing customers’ accounts using login details already leaked on the web in late April 2023 and continued with their activities until September. It wasn’t until October that the company finally found out about the hacks. On October 1, hackers leaked the names, home addresses and birth dates of 1 million users with Ashkenazi Jewish ancestry on black hat hacking forum BreachForums.
You can read more in an article by Mariella Moon published in the Yahoo web site at: http://tinyurl.com/mtd5wdat.