23andMe will pay $30 million to settle a class action lawsuit over a data breach affecting more than 6.9 million customers, compensating and offering security monitoring.
Customers using the DNA Relatives feature may have had sensitive information like names, birth years, and ancestry exposed. 23andMe attributed the hack to credential stuffing.
The lawsuit alleges that 23andMe failed to protect customer privacy, and did not notify affected customers of targeted data exposure risks.
The settlement highlights concerns regarding 23andMe's financial situation, indicating that a larger litigated judgment may be uncollectable.
Collection
[
|
...
]