U.S.
23andMe agrees to $30 million settlement after major data breach
This report was created with support from enhanced software.
Genetic testing company 23andMe has agreed to a $30 million settlement after a data breach exposed the personal information of approximately 6.9 million customers. The breach, which went undetected for five months, compromised users’ names, birth years, genders, ancestry reports, and raw genotype data, with hackers specifically focusing on customers of Chinese and Ashkenazi Jewish descent.
Media Landscape
See how news outlets across the political spectrum are covering this story. Learn more
Left 21%
Center 43%
Right 36%
Bias Distribution Powered by Ground News™
U.S. intelligence agencies recently identified foreign actors, particularly Russia and China, as key perpetrators behind multiple sophisticated cyber threats targeting critical infrastructure and personal information in the United States.
The hacker has only been identified as “Golem,” and shared victims’ personal information on an online forum used by cybercriminals, The New York Times reported.
Point phone camera here
As a part of the settlement, 23andMe will compensate affected customers and provide free access to a security monitoring program for three years. The company expects cyber insurance to cover $25 million of the $30 million total settlement.
23andMe said it will conduct annual cybersecurity audits and maintain a dedicated data breach incident response plan. The company is also ceasing to store personal information for inactive or deactivated accounts to minimize data retention risks.
The genetic testing company denies any wrongdoing and the settlement is still pending approval by a judge.
LAUREN TAYLOR: GENETIC TESTING COMPANY, 23ANDME, HAS AGREED TO A $30 MILLION SETTLEMENT FOLLOWING A DATA BREACH THAT EXPOSED PERSONAL INFORMATION OF APPROXIMATELY 6.9 MILLION CUSTOMERS.
THE BREACH, WHICH WENT UNDETECTED FOR FIVE MONTHS, COMPROMISED
USERS’ NAMES, BIRTH YEARS, GENDERS, ANCESTRY REPORTS, AND RAW GENOTYPE DATA, WITH HACKERS SPECIFICALLY FOCUSING ON CUSTOMERS OF CHINESE AND ASHKENAZI JEWISH DESCENT.
U.S. INTELLIGENCE AGENCIES RECENTLY IDENTIFIED FOREIGN ACTORS, PARTICULARLY RUSSIA AND CHINA, AS KEY PERPETRATORS BEHIND MULTIPLE SOPHISTICATED CYBER THREATS TARGETING CRITICAL INFRASTRUCTURE AND PERSONAL INFORMATION IN THE UNITED STATES.
THE HACKER HAS ONLY BEEN IDENTIFIED AS “GOLEM” – AND SHARED VICTIMS PERSONAL INFORMATION ON AN ONLINE FORUM USED BY CYBERCRIMINALS, THE NEW YORK TIMES REPORTED.
AS A PART OF THE SETTLEMENT, 23ANDME WILL COMPENSATE AFFECTED CUSTOMERS AND PROVIDE FREE ACCESS TO A SECURITY MONITORING PROGRAM FOR THREE YEARS.
THE COMPANY EXPECTS CYBER INSURANCE TO COVER $25 MILLION OF THE $30 MILLION TOTAL SETTLEMENT.
23ANDME SAYS IT WILL CONDUCT ANNUAL CYBERSECURITY AUDITS AND MAINTAIN A DEDICATED DATA BREACH INCIDENT RESPONSE PLAN.
23ANDME IS CEASING TO STORE PERSONAL INFORMATION FOR INACTIVE OR DEACTIVATED ACCOUNTS TO MINIMIZE DATA RETENTION RISKS.
THE GENETIC TESTING COMPANY DENIES ANY WRONGDOING AND THE SETTLEMENT IS STILL PENDING APPROVAL BY A JUDGE.
Media Landscape
See how news outlets across the political spectrum are covering this story. Learn more
Left 21%
Center 43%
Right 36%
Bias Distribution
36 other sources covering this story
Total News Sources
36
Leaning Left
3
Center
6
Leaning Right
5
Last Updated
6 months ago
Bias Distribution Powered by Ground News™
Straight to your inbox.
By entering your email, you agree to the Terms & Conditions and acknowledge the Privacy Policy.
MOST POPULAR
-
Getty Images
How does dyeing the Chicago River on St. Patrick’s Day impact fish?
-
Getty Images
Trapped Antarctic researchers reporting death threats from colleague
-
Reuters
Trump says he’ll speak with Putin on Tuesday about ending Ukraine war
-
Getty Images
March Madness costs US economy $20 billion in lost productivity
