Today’s General Counsel reports:
Genetic testing company 23andMe, which is facing more than 30 lawsuits from the victims of a massive data breach, is claiming that the victims themselves are to blame for the loss of their own data, TechCrunch reports.
In a letter to hundreds of 23andMe users suing the company, 23andMe said the victims “negligently recycled and failed to update their passwords” after past security incidents unrelated to 23andMe. “Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures.”
Read more at Today’s General Counsel.
23andMe continues to make headlines for its incident response to its massive data breach. In early December, The Data Breach Times noted that 23andMe had updated their user agreement to prevent data breach lawsuits. And now they blame the users for their breach? As DataBreaches.net commented, “As incident response and public relations go, blaming victims for your breach is generally not an impressive strategy. “