Data Privacy
May 28, 2026
Bonta sues over 23andMe data breach
The complaint details how 23andMe blamed customers for the breach and dismissed stolen genetic data as essentially public -- even as listings appeared on criminal forums sorting users by ethnicity, including Ashkenazi Jewish heritage and Chinese ancestry.
California Attorney General Rob Bonta sued Chrome Holding Co. and its subsidiary ChromeCo Inc. -- formerly 23andMe -- on Wednesday, alleging the genetic testing company failed to protect sensitive genetic data belonging to nearly 7 million users, concealed the scope of a 2023 data breach and secretly paid a hacker $400,000 in cryptocurrency.
The complaint, filed in San Francisco Superior Court, alleges violations of California's Genetic Information Privacy Act, California Cons...
For only $95 a month (the price of 2 article purchases)
Receive unlimited article access and full access to our archives,
Daily Appellate Report, award winning columns, and our
Verdicts and Settlements.
Or
$895, but save $100 when you subscribe today… Just $795 for the first year!
Or access this article for $45
(Purchase provides 7-day access to this article. Printing, posting or downloading is not allowed.)
Already a subscriber?
Sign In