Pennsylvania will receive $491,902 as part of a multistate settlement related to a significant data breach at 23andMe.
The settlement, totaling $18 million, was established to address allegations regarding the company's inadequate data security measures that allegedly compromised sensitive genetic information for around 200,000 residents in the state.
Accusations against 23andMe include failure to implement essential security practices such as multifactor authentication and the lack of appropriate responses to credential stuffing attacks.
In addition to the state compensation, the agreement includes a broader $46.75 million fund for affected consumers across the United States. The settlement also enforces new data protection standards for the buyer of 23andMe's assets, aimed at enhancing security measures going forward.
The lawsuit claimed that 23andMe was aware of the breach for months before acknowledging it, initially attributing the responsibility to consumer negligence.
This material is informational and not financial advice. Consider your own risk before making investments in cryptocurrencies.



