Excerpt from PYMNTS Article, Published on Sep 15, 2024.
23andMe has agreed to pay $30 million to settle a lawsuit related to a data breach that compromised the personal information of nearly 7 million customers. The genetics testing company revealed the breach in October 2023, six months after it began, which allowed unauthorized access to 5.5 million DNA Relatives profiles and data from another 1.4 million users of the Family Tree feature. The settlement resolves claims that 23andMe failed to protect customer data adequately and did not inform customers with Chinese and Ashkenazi Jewish ancestry of specific targeting by the hacker.
The company announced that about $25 million of the settlement and related legal expenses will be covered by its cyber insurance. As part of the settlement, 23andMe has committed to providing three years of security monitoring to the affected customers. This move is intended to help prevent further misuse of personal information and reassure customers of their commitment to data security. Despite the financial impact, 23andMe believes this settlement is in the best interest of its customers and aims to finalize the agreement swiftly.
The incident sheds light on the growing vulnerabilities and challenges faced by companies like 23andMe, which handle sensitive genetic data. Cybersecurity experts stress the importance of a defense-in-depth strategy, which involves multiple layers of security measures to protect against such breaches. Large businesses are increasingly becoming attractive targets for cybercriminals due to the valuable data they store and the potential for ransom payments.
This data breach and the subsequent settlement highlight the critical need for robust cybersecurity practices and constant vigilance in safeguarding customer data. Ensuring the security and privacy of sensitive information remains a top priority for companies in the digital age, especially those in sectors dealing with personal and genetic data.
To delve deeper into this topic, please read the full article on PYMNTS.
