23andMe Sued by California Over Massive 2023 Data Breach
California's attorney general has filed a lawsuit against 23andMe, alleging the company failed to protect sensitive customer data in a significant 2023 data breach. The breach exposed the personal information of nearly 7 million individuals, with hackers using a credential-stuffing attack to access the data. The lawsuit highlights the company's inadequate security measures and the subsequent sale of stolen data on the dark web.
- ▪The lawsuit was filed by Attorney General Rob Bonta against Chrome Holding Co., formerly known as 23andMe.
- ▪Nearly 7 million people's ancestry and genetic data were exposed in the breach.
- ▪The breach was attributed to a credential-stuffing attack that went undetected for over five months.
Opening excerpt (first ~120 words) tap to expand
California's attorney general is suing the consumer genetics testing company formerly known as 23andMe, alleging the company failed to protect customers' sensitive personal information in a massive 2023 data breach that exposed the ancestry and genetic data of nearly 7 million people.Attorney General Rob Bonta filed the lawsuit on Thursday against Chrome Holding Co., formerly known as 23andMe, accusing the company of failing to properly investigate or respond to numerous warnings that its systems had been compromised.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at CNET — News.
Discussion
0 commentsMore from CNET — News
