A class-action lawsuit filed in late 2023 against genetic testing company 23andMe alleges that a significant data breach specifically targeted users of Jewish and Chinese ancestry. The breach, which occurred in October 2023, resulted in the theft of genetic data, some of which was reportedly sold and shared on the dark web. The lawsuit claims that more than 1 million records of Jewish customers and 350,000 records of Chinese customers were leaked. This breach has sparked widespread concern about privacy and the protection of sensitive personal information.
The Breach and Its Targeted Impact
The lawsuit, led by plaintiffs David Melvin and an anonymous customer (identified as J.L.), accuses 23andMe of failing to notify its customers promptly about the breach. According to the lawsuit, hackers specifically sought the genetic information of Jewish and Chinese customers, compiling lists that were sold on dark web forums. The plaintiffs allege that these lists gained significant traction among hackers, particularly amid rising global tensions, such as the Israel-Hamas conflict.
Related Article: 23andMe Hacked – A Breach of Trust in Genetic Data
For the Jewish data, the breach was allegedly motivated by geopolitical events, while the Chinese data breach was apparently requested by a user with the alias “Wuhan,” according to the lawsuit. These targeted attacks raised alarm over the security of genetic data and its potential misuse in identity-based targeting.
23andMe’s Response
23andMe has come under fire for its handling of the breach, with the lawsuit accusing the company of negligence and a delayed response to customers. The plaintiffs claim that 23andMe did not inform the affected users about the breach immediately, giving hackers more time to exploit the stolen information. Moreover, they allege that the company was aware of how the data was being used but chose to remain silent.
A notable aspect of the lawsuit involves the timing of the notification. The plaintiffs argue that 23andMe delayed alerting the public while it added arbitration clauses to its terms and conditions, aiming to reduce its liability. This has only fueled criticism of the company’s transparency and accountability in handling such a serious data security issue.
Legal Action and Allegations
The lawsuit, filed in California federal court, seeks to represent a nationwide class of individuals whose genetic data was compromised. This includes specific subclasses of people with Ashkenazi Jewish heritage and Chinese ancestry, as well as residents of certain states like Oregon, Illinois, and Alaska. The plaintiffs are seeking compensatory and punitive damages, accusing 23andMe of violating privacy and consumer protection laws.
As the case progresses, it highlights the ongoing concern about the safety of genetic information stored by private companies. Genetic data, unlike other personal identifiers, is immutable and carries significant implications for personal privacy, identity theft, and discrimination.
Industry-Wide Concerns
The breach at 23andMe has sent shockwaves throughout the genetic testing industry, raising questions about how companies handle and protect sensitive data. As more people use services like 23andMe to explore their ancestry and health risks, the potential for misuse of this data becomes more concerning. Genetic testing companies must now confront the challenge of strengthening cybersecurity measures to protect users’ data from similar breaches in the future.
In conclusion, the 23andMe data breach and subsequent lawsuit underline the critical importance of data security in the age of personal genomics. As the case unfolds, it is expected to shape the discourse around genetic privacy and influence future regulations on the handling of such sensitive information.
For more information about the lawsuit and its implications, visit the sources used to compile this report (
Dwayne Paschke specializes in writing, management, development, design and Search Engine Optimization. Although he has worked for 8 years in the industry, he never found an ideal person to work with as a partner. Later, he found Sebastian Pearson, and they both found specific understanding between them. Both of them divided their tasks in this project and are running this venture successfully.