EXTRA CASH: Americans in line to get one-time payment from $30m data breach settlement after customers’ info were stolen by hackers
According to THE SUN, Customers of the genetics testing firm 23andMe could be eligible for a one-time cash payment following a substantial $30 million settlement over a data breach.
Data Breach Details
The breach, which occurred between April and September 2023, compromised nearly seven million user accounts. The class action lawsuit, filed in San Francisco, accused 23andMe of failing to protect customer privacy and of not informing clients that certain ethnic groups, specifically those with Chinese and Ashkenazi Jewish ancestry, were targeted by hackers.
Hackers exploited old passwords to access about 14,000 profiles, which were linked to millions more through ancestry connections. Sensitive data, including health reports and raw genotype information, was stolen and leaked on platforms such as Reddit and BreachForums. The breach affected data from over four million people in the UK and a million Ashkenazi Jews.
Settlement Details
23andMe has agreed to pay $30 million as part of the settlement. Although the company denies any wrongdoing, it has committed to enhancing its cybersecurity measures and conducting annual checks. Affected individuals will receive cash payments and can enroll in a three-year program called Privacy & Medical Shield + Genetic Monitoring.
Despite acknowledging the reasonableness of the settlement, 23andMe has requested a pause in proceedings, citing its “extremely uncertain financial condition.” The company anticipates that about $25 million of the settlement amount will be covered by cyber insurance.
Financial Impact and Company Status
The data breach impacted almost half of the company’s 14.1 million customers at the time. 23andMe disclosed the breach in a blog post in October 2023. The company’s financial situation has been challenging, with its share price plummeting from $10 three years ago to less than $1 since mid-December.