23andMe will pay $30 million to settle a class action lawsuit over a data breach affecting more than 6.9 million customers. As part of the proposed settlement, the genetic testing site will compensate affected customers and provide them with access to a security monitoring program for three years.
23andMe disclosed the data breach last October, but it didn’t confirm the overall impact until December. Customers using the DNA Relatives feature may have had information like names, birth years, and ancestry information exposed through the breach. At the time, 23andMe attributed the hack to credential stuffing, a tactic that involves logging into accounts using recycled logins exposed in previous security breaches.
In January 2024, customers…