23andMe settles a $30M lawsuit after failing to inform Ashkenazi Jewish users they were targeted in a data breach exposing 6.9M customer profiles. Affected users will receive compensation and genetic monitoring. The company faces financial struggles, reporting a $69.4M loss.
A genetics testing company has settled a $30 million lawsuit after failing to tell Ashkenazi Jewish users they had been specifically targeted in a massive data breach.
A five-month-long dark web data breach starting in April 2023 exposed the information of millions of 23andMe’s customers. It compromised 5.5 million DNA Relatives profiles, which allow customers to share information with each other, and accessed information for another 1.4 million customers who used the Family Tree feature. The company faced accusations of failing to protect customer privacy and neglecting to inform Ashkenazi Jewish and Chinese ancestry users that they were deliberately targeted by hackers.
Under the terms of the settlement, 23andMe will provide cash payments to customers whose data was compromised. Affected users will also be offered enrollment in a three-year program known as Privacy & Medical Shield + Genetic Monitoring. About $25 million of the settlement cost is expected to be covered by cyber insurance.
Facing tremendous financial difficulties, this settlement couldn’t have come at a worse time for the South San Francisco-based company. 23andMe reported a loss of $69.4 million on revenue of $40.4 million in the quarter ending June 30. Reportedly, Co-Founder Anne Wojcicki has been attempting to take the company private after its shares started trading below $1 since mid-December, a significant drop from its $10 per share price when it went public three years ago.
Leave a Reply