Connect with us

Hi, what are you looking for?

News

23andMe Nears $30 Million Settlement After Data Breach Exposes 6.9 Million Users’ Personal Information

23andMe Nears $30 Million Settlement After Data Breach Exposes 6.9 Million Users' Personal Information
23andMe Nears $30 Million Settlement After Data Breach Exposes 6.9 Million Users' Personal Information

23andMe is nearing a settlement of $30 million in response to a class action lawsuit stemming from a data breach that exposed the personal information of 6.9 million users. The proposed settlement includes compensation for affected customers, along with enhanced security measures such as annual computer scans and cybersecurity audits over the next three years.

A dedicated website will be established to inform eligible users about settlement and payment processing. Additionally, impacted users will be given the option to delete their information from the service and can enroll in a free three-year Privacy & Medical Shield + Genetic Monitoring program. The settlement terms are still awaiting judicial approval.

The data breach, disclosed by 23andMe in October 2023, involved the leakage of sensitive information from the DNA Relatives profiles of 5.5 million customers and Family Tree profiles of 1.4 million participants. The company later revealed that hackers had access to its systems from April to September 2023, using a technique known as credential stuffing.

23andMe Nears $30 Million Settlement After Data Breach Exposes 6.9 Million Users' Personal Information

23andMe Nears $30 Million Settlement After Data Breach Exposes 6.9 Million Users’ Personal Information

This method involves leveraging previously compromised login credentials to access customer accounts, highlighting security vulnerabilities within the company’s infrastructure.

Multiple lawsuits were filed against 23andMe in response to the breach, with one case alleging that certain customers of Chinese and Ashkenazi Jewish heritage were specifically targeted. However, in the settlement agreement, 23andMe firmly denied these claims, stating that it had not failed to protect user information as alleged. The company reiterated that it did not neglect its responsibility to secure personal data and disputed the accusations brought forward in the lawsuit.

The breach and subsequent legal challenges have surfaced at a time of financial uncertainty for 23andMe. In its 2024 fiscal report, the company disclosed that its total revenue had declined by 27%, dropping from $299 million to $220 million year-over-year. To cover the settlement cost, 23andMe plans to rely on its cyber insurance policy, which is expected to contribute $25 million toward the total $30 million settlement payout.

As the proposed settlement awaits court approval, 23andMe is taking steps to manage the aftermath of the data breach. The financial and reputational impacts of the incident are significant, and the company is focusing on improving its cybersecurity protocols while compensating affected users. However, the company’s ongoing financial challenges may continue to shape its recovery and future business strategies.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Tech

Threads is experimenting with a new feature that allows users to set a 24-hour timer on their posts. After this period, the post and...

News

AU10TIX, an Israeli company that verifies IDs for clients like TikTok, X, and Uber, accidentally left important admin credentials exposed for over a year....

Tech

A team of international researchers has developed Live2Diff, an AI system that transforms live video streams into stylized content in near real-time. Named for...

Tech

Amazon Web Services (AWS) recently unveiled several innovations aimed at enhancing the development and deployment of generative AI applications, addressing concerns around accuracy and...