What’s Inside
- The $30 million settlement underscores the growing importance of genetic privacy in the digital age.
- This case sets a precedent for how companies handling sensitive genetic data may be held accountable for breaches.
- The tiered compensation structure reflects the varying degrees of impact on different customer groups.
By Samuel A. Lopez – USA Herald
[USA HERALD] – The San Francisco-based DNA testing company 23andMe has agreed to settle a $30 million class-action lawsuit stemming from a massive data breach that exposed the personal information of nearly half its customer base. This settlement, while still pending court approval, could see affected customers receiving up to $10,000 in compensation.
Let’s break down the facts: In October 2023, 23andMe dropped a bombshell, revealing that hackers had accessed customer information. However, it wasn’t until December that the full extent of the breach came to light. Approximately 6.9 million users – that’s about half of the company’s 14 million customers – had their personal data exposed in a leak that began as far back as April 2023.
The lawsuit, filed in January 2024, accused 23andMe of failing to adequately protect its customers’ sensitive information. But here’s where it gets even more concerning: the suit also alleged that the company failed to notify certain customers with Chinese or Ashkenazi Jewish ancestry that their data was specifically targeted and spread on the dark web.
The Settlement
Now, let’s get to the part you’re all wondering about – the money. The proposed settlement includes a tiered compensation structure: