California’s attorney general sued 23andMe for failing to implement adequate security controls for sensitive genetic records and for misleading customers after the 2023 breach. The lawsuit alleges the company did not take basic steps to protect users’ data, including sensitive personal information, family histories, and health conditions. The complaint also claims consumers were misled about the nature and severity of the mishap. The alleged data sale on the dark web occurred during a period of rising anti-Asian American, Pacific Islander, and antisemitic hate and violence, and the information was described as deeply personal and identifying. The case targets Chrome Holding Co., formerly known as 23andMe.
"“23andMe collected genetic data about millions of people, failed to meet its obligation under California law to keep that information safe, and then lied to consumers about the severity of its 2023 data breach,” said Bonta on Thursday. “Our investigation found that the company failed to take basic steps to protect users' data - data including the sensitive personal information, family histories, and health conditions of consumers”"
"“The sale of this data on the dark web took place amidst a period of mounting anti-Asian American and Pacific Islander and antisemitic hate and violence - and explicitly called attention to the deeply personal and identifying nature of that information. This is disturbing and incredibly dangerous. Today, my office is suing 23andMe for its categorical failure to comply with California law.”"
"The lawsuit was filed against Chrome Holding Co., formerly known as 23andMe. TTAM Research Institute bought 23andMe's assets last year. TTAM Research Institute was founded and is led by Anne Wojcicki, who was also 23andMe's CEO at the time of the breach and one of the company's co-founders."
Read at theregister
Unable to calculate read time
Collection
[
|
...
]