Ariz. AG Presses 23andMe on Its Plans to Compensate Victims
The Oct. 6 data breach at 23andMe resulted in the publication of the data of a million users of Ashkenazi Jewish heritage and 100,000 users of Chinese ancestry, said a Jan. 4 letter from Arizona Attorney General Kris Mayes (D) to the online genetic testing company, released publicly Thursday. The information was sold on the dark web for $1 to $10 per individual account, Mayes said. Two weeks later, the data of another 4 million users was reportedly advertised on the same forum where the first set of data was published, she said. “The recent increase in all hate crimes across the country, especially antisemitic and anti-Asian hate crimes, means that this is a particularly dangerous time for the targeted sale of information of individuals identifying and belonging to specific racial or ethnic groups -- information that 23andMe profits from analyzing,” she said. Mayes requested information in 21 areas, including the company’s plans to prevent a recurrence of the breach, compensate affected consumers and provide data monitoring services, and its plans for use and disposal of affected users’ personally identifiable information.