23andMe’s fall from $6 billion to nearly $0 — a valuation collapse of 98% from its peak in 2021::undefined
I don’t know if the article talks about this or not (paywalled), but my guess would be due to public distrust. In case you weren’t aware, 23andme was recently hacked, exposing 6.9 million users data [1] and a class action lawsuit followed [2].
My personal biggest issue has always been with their TOS regarding how they forever own and will retain the rights to the provided DNA sample and resulting data derived from your DNA. This data was not treated or regulated as sensive medical data under something like HIPAA, so who knows how well they safeguard it [3].
Their website claims they won’t sell the data to 3rd parties or insurance companies without users consent, but we all have heard that before from Silicon Valley companies. This data could be sold or used in the future in ways I cannot fully conceive right now, and/or in ways I don’t agree with. With the rise in popularity of things like GPT, who knows if they will use the data for training AI models. These problems aren’t unique to 23andme, rather any of the tech DNA/ancestry companies.
[1] https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/
[3] https://healthitsecurity.com/features/what-the-23andme-data-breach-reveals-about-credential-stuffing
I was gifted the tests multiple times. I didn’t take the test because of my own data privacy concerns.
The thing I am concerned about is not necessarily 23andMe selling the data, but rather being sold off and having another company come in and being allowed to do what they want with it. I’ve seen that happen before with other data collecting companies, and I’m not sure to what extent the policies put in place by the collection company applies to the new company that buys them and their IP.
I imagine in this case that it would result in a massive class action suit, but for me the risks of having the data made available to, for example, insurance companies who could then deny coverage was just too high of a risk when the main payoff for me would be to find out my family comes from Ireland but that I’m also 5% Jewish.
You think victim-blaming for a hack they could have prevented had something to do with their massive loss?
The “hacker” gained access with a valid username and password gained from a completely unrelated leak because users were reusing passwords, logging in using a botnet & VPN to spread them out so they looked legit to 23andme. They then “hacked” the user data by going into the opt-in feature of the site that specifically you have to agree to share your data with any person they believe to be related to you, and read what it said.
So about as much as I hacked my school principals emails as a kid by reading the password of a teacher on a post-it note and opening their email client to see what messages the principal had sent them.
$5 says she ends up selling all the user data to some unsavory characters after the bottom falls out.
Well all the data that hasn’t been leaked already
Can we not link to pay walled stuff, or at least have a bot extract it somehow
It’s a link bot. the Reddit refugees felt it necessary to write bots to link spam lemmy so it felt busy here.
It feels cringe.
What’s worse is when you think there’s a discussion starting because it’s “hot” and there’s a comment thread started…only to find that the only comment in the body is the summary bot.
Is it still a pump and dump when the fake founder loses money too…
No pump. Just dump.