Fallen DNA testing firm 23andMe won court approval of a bankruptcy plan that includes settlements to provide up to $62 million to resolve thousands of data breach claims.
Judge Brian C. Walsh of the US Bankruptcy Court for the Eastern District of Missouri approved the plan in a Wednesday order, overruling most creditor objections and challenges from data breach victims.
Many of those former customers’ objections were deemed moot or premature, and several of them didn’t appear at a court hearing on the plan.
Objections from the Justice Department’s bankruptcy watchdog and a coalition of state attorneys general were resolved ...
TPRM report: https://www.rankiteo.com/company/23andme
"id": "23a1764346412",
"linkid": "23andme",
"type": "Breach",
"date": "2025-11-28T00:00:00.000Z",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': 'Thousands (exact '
'number '
'unspecified)',
'industry': 'Biotechnology / Genetic '
'Testing',
'location': 'United States',
'name': '23andMe',
'size': None,
'type': 'Private Company'}],
'data_breach': {'data_encryption': None,
'data_exfiltration': True,
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (genetic and '
'personal data)',
'type_of_data_compromised': 'Customer Data '
'(likely including '
'genetic and '
'personally '
'identifiable '
'information)'},
'description': 'Fallen DNA testing firm 23andMe won court '
'approval of a bankruptcy plan that includes '
'settlements to provide up to $62 million to '
'resolve thousands of data breach claims. Judge '
'Brian C. Walsh of the US Bankruptcy Court for '
'the Eastern District of Missouri approved the '
'plan, overruling most creditor objections and '
'challenges from data breach victims. Many former '
'customers’ objections were deemed moot or '
'premature, and several didn’t appear at a court '
'hearing on the plan. Objections from the Justice '
'Department’s bankruptcy watchdog and a coalition '
'of state attorneys general were resolved.',
'impact': {'brand_reputation_impact': True,
'conversion_rate_impact': None,
'customer_complaints': True,
'data_compromised': True,
'downtime': None,
'financial_loss': '$62 million (settlement amount)',
'identity_theft_risk': None,
'legal_liabilities': True,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Resolved (settlement approved)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': 'Settlement approved '
'by US Bankruptcy '
'Court; objections '
'from Justice '
'Department and state '
'attorneys general '
'resolved',
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': None,
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': None,
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'title': '23andMe Data Breach and Bankruptcy Settlement',
'type': 'Data Breach'}}