Connect with us

Hi, what are you looking for?

Saturday, Jul 11, 2026
Mugglehead Investment Magazine
Alternative investment news based in Vancouver, B.C.
23andMe breach victims to receive USD$46.75M settlement after bankruptcy ruling
23andMe breach victims to receive USD$46.75M settlement after bankruptcy ruling
23andMe sells genetic tests that provide consumers with information about a variety of things, including ancestry, wellness and traits such as food-taste preferences. Image from eric baradat via Agence France-Presse and Getty Images

Medical and Pharmaceutical

23andMe breach victims to receive USD$46.75M settlement after bankruptcy ruling

The court documents did not specify how many people will ultimately receive compensation

Victims of the 2023 data breach at 23andMe will receive USD$46.75 million in compensation after a California bankruptcy judge approved a settlement on Tuesday.

The ruling requires Chrome Holding, which acquired control of the genetics testing company through bankruptcy proceedings, to fund the payment for people affected by the cyberattack.

Additionally, the court ordered the money transferred to Kroll Restructuring within five business days. Kroll will distribute the settlement funds directly to eligible victims. The company suffered widespread criticism after hackers exposed sensitive genetic information belonging to about 6.9 million people.

The attackers initially compromised roughly 14,000 customer accounts but later accessed millions of additional profiles through relatives connected to those accounts, greatly expanding the breach’s impact. However, the court documents did not specify how many people will ultimately receive compensation. The BBC said it contacted lawyers representing the victims for that information.

Chrome Holding acquired 23andMe after the company entered bankruptcy and later transferred its assets to TTAM Research Institute, an organization operated by co-founder Anne Wojcicki following a successful USD$305 million bankruptcy auction bid.

Meanwhile, 23andMe filed for bankruptcy about 18 months after the cyberattack occurred. The company collects DNA samples through consumer testing kits and creates detailed genetic profiles for customers.

Those profiles can include information about ancestry, inherited traits, health markers and family relationships.

Furthermore, regulators concluded the company failed to adequately protect that sensitive information before the breach occurred, leading to investigations and financial penalties in multiple jurisdictions. Britain’s Information Commissioner’s Office fined the company GBP£2.31 million after determining its security measures fell short.

Read more: Robotic hand maker Tesollo initiates IPO proceedings

Read more: Regeneron Pharmaceuticals gets access to biometric data for 15 million people

Multiple privacy concerns remain about DNA testing services

Additionally, California Attorney General Rob Bonta sued the company in May, alleging investigators found weak data protection practices. 23andMe continues selling DNA testing kits despite its financial troubles has never reported an annual profit.

Privacy concerns surrounding consumer DNA testing services have intensified since the 2023 cyberattack at 23andMe. Experts warn that genetic information presents unique risks because it cannot be changed like a password or credit card number.

The breach exposed data belonging to roughly 6.9 million people after hackers initially gained access to about 14,000 customer accounts. After which, they expanded their reach through the company’s DNA Relatives feature. Bonta has become one of the most vocal public officials on the issue. Bonta further urged customers to exercise their rights under California law by deleting their genetic data and requesting the destruction of any stored DNA samples. He warned that the company held a large volume of sensitive personal information. He also reminded consumers that state privacy laws allow them to request its deletion.

Privacy scholars have also questioned whether current laws adequately protect genetic information held by direct-to-consumer testing companies. I. Glenn Cohen, faculty director of the Petrie-Flom Center at Harvard Law School, argued that customers who submit DNA to companies like 23andMe are generally treated as consumers rather than patients. This means that federal health privacy laws such as HIPAA do not fully apply. He and other researchers have called for stronger federal safeguards covering genetic data. This is particularly salient for when companies face bankruptcy or asset sales.

 

.

Follow Mugglehead on X

Like Mugglehead on Facebook

Follow Joseph Morton on X

joseph@mugglehead.com

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Technology

The Ministry of Culture tabled the proposal as part of a wider anti-piracy package

Psychedelics

They agreed that veterans need improved access and research barriers should be removed

Medical and Pharmaceutical

When 23andMe collapsed financially, its genetic data quickly attracted attention as a lucrative asset

AI and Autonomy

The push towards accountability for the AI space could potentially be curtailed with the arrival of a Trump presidency