EXTRA CASH: Americans in line to get one-time payment from $30m data breach settlement after customers’ info were stolen by hackers
According to THE SUN, Customers of genetics testing firm 23andMe may be eligible for a one-time cash payment following a substantial $30 million settlement related to a major data breach. The breach, which impacted nearly seven million user accounts, resulted in the theft of sensitive personal data.
Details of the Breach
A class action lawsuit filed in San Francisco accused 23andMe of failing to adequately protect customer privacy. The company faced criticism for not informing clients that certain ethnic groups, including those with Chinese and Ashkenazi Jewish ancestry, were specifically targeted by hackers. These hackers sold the stolen data on the dark web.
The breach, which occurred last year, involved hackers using old passwords to access approximately 14,000 profiles, which were then linked to millions more through ancestry tracing. Data from over four million people in the UK and one million Ashkenazi Jews were leaked on a Reddit thread and hacking blog BreachForums.
In January, 23andMe admitted that attackers had stolen health reports and raw genotype data between April and September. The company has agreed to enhance its cyber protections and conduct annual checks but has denied any wrongdoing related to the lawsuit.
Also Read: DOUGH WAY: Popular 65-year-old pizza chain with 10 restaurants becomes latest to file for bankruptcy
Settlement Terms
The settlement will provide cash payments to individuals whose data was compromised. Additionally, affected customers can enroll in a three-year program called Privacy & Medical Shield + Genetic Monitoring.
23andMe has requested a pause in proceedings for tens of thousands of individuals involved in the lawsuit, citing its “extremely uncertain financial condition.” The company expects to cover around $25 million of the settlement through cyber insurance.
Financial Impact and Company Status
The breach, which occurred from April to September 2023, affected nearly half of the 14.1 million customers in 23andMe’s database at the time. The company disclosed the breach in a blog post in October 2023.
The firm is facing significant financial difficulties, with its share price falling from $10 three years ago to less than $1 since mid-December. Despite these challenges, lawyers representing the plaintiffs stated that the main claims of their clients had been addressed.
The settlement marks a significant step in resolving the issues stemming from the breach, but the company’s ongoing financial struggles highlight the broader impact of the data theft on both its operations and customer trust.