California Sues 23andMe Over 2023 Data Breach Affecting Nearly 7 Million Users
By
CybersecurityNews
An everything bagel for the brain. Substantive, layered, well-seasoned.
Summary
California Attorney General Rob Bonta has filed a lawsuit against Chrome Holding Co. (formerly 23andMe) over a 2023 data breach that exposed sensitive genetic and health data of nearly 7 million users. The lawsuit alleges the company failed to implement basic security measures such as password resets and multifactor authentication, enabling attackers to use credential stuffing with stolen login credentials. The stolen data was later sold on the dark web.
Key quotes
· 2 pulledCalifornia Attorney General Rob Bonta sued Chrome Holding Co., formerly 23andMe, over a 2023 breach that exposed sensitive genetic and health data from nearly 7 million people.
The lawsuit says the company failed to use basic protections like password resets and multifactor authentication, allowing attackers to exploit stolen credentials and later sell data on the dark web.
You might also wanna read
23andMe Data Breach Class Action Settlement Reached for 6.4 Million Affected Customers
A class action settlement has been reached with 23andMe (now Chrome) regarding a 2023 data breach that affected approximately 6.4 million U.
23andmedatasettlement.com·6mo ago
Privacy Concerns Persist as 23andMe Emerges from Bankruptcy
23andMe, out of bankruptcy, faces concerns over privacy as genetic data of over 10 million customers is sold to TTAM Research Institute. Cus
washingtonpost.com·10mo ago