CyberSecurityBoard
Sponsor Register Login

23andMe files for bankruptcy, customers advised to delete DNA data

With the company's assets now up for sale to the highest bidder, privacy experts fear that all the amassed DNA data could fall into the wrong hands, potentially exposing 23andMe customers' genetic information despite the company's assurances that this won't happen. The Office of California's Attorney General also reacted to the news and issued a consumer alert advising 23andMe customers to ask the company to delete their data, destroy their test samples, and revoke permission for their data to be used for research. This alert also provides detailed steps on how to file these requests, including logging into your account, going into Settings, clicking 'View' next to "23andMe Data" (here you also have the option to download your data first), scrolling to "Delete Data," and clicking "Permanently Delete Data." Next, you must click the link in the confirmation email that you'll receive 23andMe. "In addition, we are committed to continuing to safeguard customer data and being transparent about the management of user data going forward, and data privacy will be an important consideration in any potential transaction," said Mark Jensen, 23andMe Chair of the Board of Directors. In September 2024, 23andMe agreed to pay $30 million to settle a lawsuit over a data breach that had exposed the data of 6.4 million customers in 2023. Today, the United Kingdom's Information Commissioner's Office also said that genetic information is among the most sensitive personal data individuals share and warned that companies handling this data must follow strict security and governance standards under GDPR. This 2023 data breach led to multiple class-action lawsuits, which prompted 23andMe—in a move widely criticized by customers—to amend its Terms of Use in November 2023 to make it harder to sue the company. In January 2024, the company also confirmed that the attackers stole health reports and raw genotype data during five months of credential-stuffing attacks. 23andMe has been providing direct-to-consumer DNA testing services since November 2007 to customers who send a saliva sample and receive a report on their ancestry and genetic predispositions. ​California-based genetic testing provider 23andMe has filed for Chapter 11 bankruptcy and plans to sell its assets following years of financial struggles. The company said in a Sunday press release that it will not change how it stores, manages, or protects customer data.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 24 Mar 2025 20:25:02 +0000


Cyber News related to 23andMe files for bankruptcy, customers advised to delete DNA data

DNA testing: What happens if your genetic data is hacked? - The personal information of millions of people who sent swabs of their DNA to consumer testing services have been leaked in high profile hacks in recent years, leading to questions about how secure that genetic data is. In autumn 2023, a hacker ...
1 year ago Packetstormsecurity.com
23andMe confirms nearly 7 million customers affected in data leak - Nearly 7 million 23andMe customers had their profile data leaked in a cybersecurity incident in October, a company spokesperson confirmed to SC Media on Monday. The vast majority of the leaked data was scraped from the site's DNA Relatives feature ...
1 year ago Packetstormsecurity.com
23andMe failed to detect mega-breach attackers for 5 months The Register - Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection ...
1 year ago Go.theregister.com
23andMe files for bankruptcy, customers advised to delete DNA data - With the company's assets now up for sale to the highest bidder, privacy experts fear that all the amassed DNA data could fall into the wrong hands, potentially exposing 23andMe customers' genetic information despite the company's ...
3 weeks ago Bleepingcomputer.com
Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
1 year ago Bleepingcomputer.com Rocke Hunters
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
6 months ago Aws.amazon.com
23andMe: It's YOUR Fault We Lost Your Data - DNA testing firm doubles down on blaming victims and sics lawyer on them. Millions of 23andMe users had their personal information stolen last year. Apparently, it's not the firm's responsibility-it's the users' own fault that a distant relative had ...
1 year ago Securityboulevard.com
23andMe Faces Legal Backlash Over Data Breach and Blames Victims - Facing a deluge of more than 30 lawsuits from individuals impacted by a substantial data breach, genomics company 23andMe has taken a defensive stance by placing responsibility on the victims themselves. The breach came to light in October when ...
1 year ago Cysecurity.news Inception
23andMe Blames User "Negligence" for Data Breach - DNA testing firm 23andMe has argued the victims are responsible for the breach of highly sensitive genomics data on its systems last year. The DNA testing firm argued this allowed the attackers to launch a credential stuffing campaign using usernames ...
1 year ago Infosecurity-magazine.com
23andMe - 23andMe is a revolutionary service that analyzes your DNA and provides insights into your health, ancestry, and traits. This saliva-based DNA service offers personalized reports on your ancestry, family history, traits, and more. With one of the ...
1 year ago
23andMe bankruptcy draws investigation from House panel over data concerns | The Record from Recorded Future News - The company’s bankruptcy filing “raises significant concerns regarding potential transfers of customers’ and family members’ sensitive personal data to various interested entities,” including China’s government, says committee Chairman ...
5 hours ago Therecord.media
23andMe says, er, actually some genetic and health data might have been accessed in recent breach - In October we reported that the data of as many as seven million 23andMe customers were for sale on criminal forums following a password attack against the genomics company. Now, a filing with the US Securities and Exchange Commission has provided ...
1 year ago Malwarebytes.com
23andMe Is On The Ventilator. Its CEO Remains 'Hopeful' - The Silicon Valley and Wall Street golden kid 23andMe was the DNA testing firm just three years ago. The company is currently in risk of being delisted from the Nasdaq. CEO of 23andMe Anne Wojcicki tells CNN that Wall Street shouldn't write her off ...
1 year ago Cysecurity.news
DNA Security: Companies Must Meet Strict Penalties for Risking Users' Data - The pressing concern of companies ignoring DNA security DNA security is a concern that is often not talked about in the cybersecurity landscape. Personal information is what's buzzing these days. The latest 23andMe data breach serves as a sharp ...
1 year ago Cysecurity.news
The 23andMe Data Breach Keeps Spiraling - More details are emerging about a data breach the genetic testing company 23andMe first reported in October. As the company shares more information, the situation is becoming even murkier and creating greater uncertainty for users attempting to ...
1 year ago Wired.com
23andMe: Data Breach Was a Credential-Stuffing Attack - DNA testing company 23andMe has released further details surrounding an October data breach, where user profile information had been accessed and downloaded at the hands of a threat actor. On Oct. 1, a threat actor made a post on the Dark Web ...
1 year ago Darkreading.com
23andMe told victims of data breach that suing is futile, letter shows - Last year, hackers accessed 14,000 accounts on 23andMe by using passwords that had been previously breached during security incidents on other websites. By using this tactic, known as credential stuffing, hackers could access the personal data of ...
1 year ago Packetstormsecurity.com
Infosec experts divided over 23andMe's breach blame game The Register - 23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps. Nope, the biotech firm's infrastructure management was certainly not at fault in any way when 6.9 ...
1 year ago Go.theregister.com
23andMe Says Hackers Saw Data From Millions of Users - Personal genetics firm 23andMe on Tuesday confirmed that hackers using stolen passwords accessed the personal information about 6.9 million of its members. While the hackers were only able to get into about 14,000 accounts, or 0.1 percent of its ...
1 year ago Securityweek.com
23andMe updates user agreement to prevent data breach lawsuits - In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. 23andMe told BleepingComputer that the data was obtained ...
1 year ago Bleepingcomputer.com
23andMe: "Negligent" Users at Fault for Breach of 6.9M Records - Up against an onslaught of lawsuits, 23andMe is denying liability for millions of users' genetic records leaked last fall. In a letter sent to a group of users suing the company obtained by TechCrunch, lawyers representing the biotech company laid ...
1 year ago Darkreading.com
How Can DSPM Prevent High-Profile Breaches? - In early October 2023, a DNA testing company for ancestry discovery purposes, 23andMe, disclosed that it suffered a data breach. On the 5th of December 2023, the company shared that the data breach was more damaging than was initially reported. On ...
1 year ago Gbhackers.com
23andMe responds to breach with new suit-limiting user terms The Register - Security in brief The saga of 23andMe's mega data breach has reached something of a conclusion, with the company saying its probe has determined millions of leaked records originated from illicit break-ins into just 14,000 accounts. In an update on ...
1 year ago Go.theregister.com
T-Mobile Data Breach Affects 37 Million Customers: What You Should Know - T-Mobile recently announced that a data breach of its API had impacted the personal records of over 37 million customers. The breach occurred on the T-Mobile website, and could have allowed unauthorized users to access customer data such as name, ...
2 years ago Heimdalsecurity.com
Arrests in $400M SIM-Swap Tied to Heist at FTX? - Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct ...
1 year ago Krebsonsecurity.com Scattered Spider

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)