Victims of the 2023 data breach at 23andMe will receive a $46.75 million payout, a ruling from a California bankruptcy court judge announced on Tuesday. This decision comes as Chrome Holding, which acquired 23andMe after its bankruptcy, is mandated to compensate those affected by the breach that compromised the data of 6.9 million users.
Details of the Data Breach Settlement
The court's ruling specifies that the settlement funds will be distributed to Kroll Restructuring, the firm representing the victims, within five business days. Kroll will handle the distribution of the compensation to the affected individuals. The exact number of victims who will benefit from this payout remains unclear, as representatives from Kroll have not yet disclosed this information.
The 23andMe data breach occurred when hackers accessed approximately 14,000 user accounts, leading to significant exposure of personal genetic information. This breach not only affected the direct users but also allowed hackers to reach the genetic profiles of their relatives, impacting millions of individuals.
Background on 23andMe and the Breach
Founded in 2006, 23andMe provides genetic testing services that compile detailed profiles based on DNA samples. Despite its innovative services, the company faced severe criticism following the breach, which prompted investigations and subsequent fines, including a £2.31 million penalty from the UK's Information Commissioner's Office (ICO). The ICO determined that 23andMe had not implemented adequate security measures to protect sensitive user data.



