In early October, a data breach involving 23andMe customer profile information came to light. The company’s investigation revealed that a threat actor may have been able to access certain accounts on 23andMe to obtain information about users’ “DNA Relatives” profiles, if they had opted into that service. The investigation also revealed that threat actors were able to access certain accounts in instances where users recycled login credentials from other websites. Approximately a million users’ data may have been exposed, including data points such as names, gender, birth year, and some genetic ancestry results.
Tycko & Zavareei LLP is at the forefront of consumer privacy and data breach class action litigation. When companies mishandle consumer data (particularly involving data that involves consumers’ personally identifiable information), unlawfully collect and disclose information, or fail to protect themselves against ransomware, our team seeks to hold them accountable. If you have received a notice of breach letter or email from a 23andMe, please contact us below.
It’s free and 100% confidential.
We look forward to hearing from you.