A lawsuit filed by California's attorney general alleges that 23andMe failed to detect and stop a five-month-long hack of its IT systems in 2023, despite receiving multiple warning signs1. The hackers gained access to the systems in late April 2023 using compromised credentials, and were able to remain undetected for an extended period. This breach highlights the importance of implementing robust security measures to prevent and detect such incidents. The lawsuit claims that 23andMe missed red flags, which could have prevented the breach or minimized its impact. The fact that the hackers were able to go undetected for so long raises concerns about the company's security protocols and its ability to protect sensitive customer data. This incident matters to practitioners because it underscores the need for proactive security measures and timely incident response to prevent and mitigate the effects of cyberattacks.
23andMe Failed to Stop Months-Long Hack, State Alleges
⚡ High Priority
Why This Matters
Lawsuit: Genetics Testing Firm Missed Red Flags Before Massive 2023 Breach Hackers in 2023 went undetected for five months in genetics testing firm 23andMe's IT systems, despite.
References
- Bank Info Security. (2026, May 30). 23andMe Failed to Stop Months-Long Hack, State Alleges. Bank Info Security. https://www.bankinfosecurity.com/23andme-failed-to-stop-months-long-hack-state-alleges-a-31816
Original Source
Bank Info Security
Read original →