Biotech firm 23andMe has agreed to pay tens of millions of dollars to the victims of a significant data breach in 2023.
The breach exposed the information of over six million individuals, including a significant number of files containing information about users’ ancestry.
The firm has also agreed to bolster its security after the incident, including mandatory multi-factor authentication (MFA), protection against credential stuffing and annual audits.
However, the settlement is in no way an admission of any guilt.
“23andMe denies any wrongdoing whatsoever, and this agreement shall in no event be construed or deemed to be evidence of or an admission or concession on the part of 23andMe for any claim of any fault or liability or wrongdoing or damage whatsoever,” the company stated in the settlement agreement.
It was revealed that hackers originally gained access to a few user accounts using previously compromised credentials, because those accounts were not protected by MFA. From there, they were able to scrape data on additional registered users through the DNA Relatives feature.
The firm’s lawyers have consistently and vehemently argued that the fault lay with negligent users, even though most breached customers were caught up in the incident through no fault of their own, simply because they’d opted into DNA Relatives.
They also argued that the compromised data couldn’t be used to cause “pecuniary harm” as it didn’t include users’ social security numbers, driver’s license numbers, or payment details.
Ultimately, the attack compromised data on an estimated 6.9 million customers, including 6.4 million US residents.
In October 2023, threat actors claimed to be selling genetic profile data for millions of British and Ashkenazi Jewish people.
Source: https://www.infosecurity-magazine.com/news/23andme-30m-data-breach-settlement/