23andme Is Asked to Confirm if Data Security Is Part of Its DNA

Cozen O'Connor
Contact
LinkedIn
Facebook
X
Send
Embed

Cozen O'Connor

  • Connecticut AG William Tong sent an inquiry letter to 23andMe, Inc. asking the genetic testing and ancestry company for more information regarding an October 6th press release in which it disclosed that customer profile information had been compiled and released by a threat actor who was able to access accounts in instances where users recycled login credentials.
  • In the letter, AG Tong states that to date, 23andMe had not yet submitted a notice to the OAG as is required following a security breach compromising the personal information of Connecticut residents. He also notes reports indicating that the threat actor appears to have targeted individuals with Ashkenazi Jewish and Chinese ancestry, which he asserts is especially troubling given the rise of anti-Semitic and anti-Asian rhetoric in recent years.
  • AG Tong states that the incident calls into question the company’s compliance with the Connecticut Data Privacy Act and asks 23andMe for information regarding its policies and procedures for obtaining consent from users and ensuring the confidentiality of sensitive personal information.
Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Cozen O'Connor | Attorney Advertising

Written by:

Cozen O'Connor
Cozen O'Connor
Contact
more
less

Cozen O'Connor on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide