23andMe will pay US$30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year.
The accord also resolves accusations that 23andMe did not tell customers with Chinese and Ashkenazi Jewish ancestry that the hacker appeared to have specifically targeted them, and posted their information for sale on the dark web.
A preliminary settlement of the proposed class action was filed late Thursday night in federal court in San Francisco, and requires a judge’s approval.
It includes cash payments for customers whose data was compromised, and lets customers enrolfor three years in a program known as Privacy & Medical Shield + Genetic Monitoring.
In a Friday court filing, …