23andMe Agrees to $30 Million Settlement Over Data Breach of Millions
23andMe Settles Lawsuit for $30 Million
23andMe has reached an agreement to pay $30 million as part of a class action lawsuit related to a data breach that compromised the information of over 6.9 million customers. The genetic testing platform reported the breach last October, noting that the DNA Relatives feature was likely targeted during the hack.
Details of the Data Breach
- Credentials were exploited using a method called credential stuffing.
- Customers experienced exposure of personal data including names and ancestry information.
In January 2024, a class action lawsuit was filed, accusing 23andMe of inadequate privacy protection. The lawsuit specifically pointed out inadequate notifications to customers of certain heritages who were uniquely targeted in the breach.
Company Response and Future Steps
- 23andMe claims that cyber insurance will cover roughly $25 million of the settlement.
- The proposed settlement awaits judicial approval to finalize.
Anne Wojcicki, CEO of 23andMe, has faced scrutiny as the company grapples with financial struggles and declining stock prices. The settlement underscores significant privacy concerns and the necessity for strong data protection measures.
Disclaimer: The information provided on this site is for informational purposes only and is not intended as medical advice. We are not responsible for any actions taken based on the content of this site. Always consult a qualified healthcare provider for medical advice, diagnosis, and treatment. We source our news from reputable sources and provide links to the original articles. We do not endorse or assume responsibility for the accuracy of the information contained in external sources.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.