Reuters reported Friday that genetics testing firm 23andMe has agreed to pay a $30 million settlement after a hack uncovered 6.9 million prospects’ private data to the darkish internet. The corporate will even pay for 3 years of safety monitoring for affected prospects.
The category motion lawsuit alleged that 23andMe didn’t alert prospects with Ashkenazi Jewish and Chinese language ancestry that their private knowledge was posted on the market and that they could have been specifically focused within the April 2023 breach.
Associated: 23andMe Hackers Promoting Stolen Person Knowledge, Together with DNA Profiles of ‘Celebrities,’ on Darkish Internet
23andMe mentioned the settlement was “truthful, sufficient, and cheap” in a court docket submitting, per Reuters.
In a Dec. 2023 weblog put up addressing the hack, the corporate mentioned the assault began in April 2023 and lasted about 5 months. On the time, 23andMe had round 14.1 million prospects in its system. The corporate mentioned the hack affected not less than half of the database.
Who’s eligible to assert cash?
In line with court docket paperwork, affected customers can declare anyplace from $100 as much as $10,000 for probably the most “extraordinary” instances. If the settlement will get last approval, directions will likely be supplied on the best way to file for reimbursement.
Clients in Alaska, California, Illinois, and Oregon are topic to “genetic privateness legal guidelines with statutory damages provisions” and may solely declare $100, per PCMag.