More News:

July 14, 2026

Pa. and N.J. each receive over $400,000 in 23andMe settlement

The multi-state lawsuit stems from the genetic testing company’s 2023 data breach that impacted 6.9 million customers worldwide.

Courts Settlements
23 and me settlement Source/23andMe

Pennsylvania and New Jersey will each receive over $400,000 in a newly reached settlement with genetic testing company 23andMe.

Pennsylvania and New Jersey will each receive over $400,000 in an agreement with the DNA testing company 23andMe after a 2023 data breach compromised millions of customers’ genetic data.

Attorneys general Dave Sunday of Pennsylvania and Jennifer Davenport of New Jersey announced the $18 million bankruptcy claim settlement Tuesday which will be split between 42 states that joined the lawsuit. Pennsylvania stands to receive $491,902 and New Jersey will receive $409,588 as a result of the agreement.


MOREAhead of MLB All-Star Game, activists to fly banner urging Phillies to cut ties with Citizens Bank

23andMe also agreed to settle a $46.75 million class-action lawsuit to be paid to affected customers in the United States who submitted claims by Feb. 17. Over 192,000 people in Pennsylvania and nearly 150,000 in New Jersey had their information compromised during the breach, according to state prosecutors.

The settlement includes $150 million in allowed claims for the states, but recovery funds are limited due to the company’s bankrupt status, according to the settlement. The $18 million will be immediately paid out of available bankruptcy funds.

"Today's settlement holds 23andMe accountable for its misleading statements and its failure to protect the DNA profiles of customers," Davenport said in a statement. "We will always stand on your side against corporations that mislead the public and endanger your privacy."

23andMe, which formed in 2006, sold saliva testing kits and analyzed the samples to generate various reports related to customers' ancestry and health predispositions.

In October 2023, the company said it discovered a massive data breach that scraped sensitive information from roughly 6.9 million customers around the world, including some data that was found listed for sale on the dark web.

Attorneys general from 42 states, including Pennsylvania and New Jersey, ran an investigation into the company’s practices and alleged that 23andMe engaged in "unreasonable data security practices" by failing to employ safeguards against cyberattacks, properly investigate potential breaches or remediate vulnerabilities in its security systems.

In March 2025, the company filed for bankruptcy protection and states filed claims related to their joint investigation. A separate lawsuit and objection to the bankruptcy sale were filed by 27 states, including Pennsylvania, to block 23andMe from auctioning off customers’ information.

As part of the bankruptcy proceedings, 23andMe sold its consumer data to TTAM Research Institute, a nonprofit formed by 23andMe founder and former CEO Anne Wojcicki. Terms of the sale included stronger data security protections, prosecutors said.

"This company was trusted by millions of Americans to safeguard very private data and information, but failed to do so," Sunday said in a statement. "I find it appalling that a company dealing with customers' personal information would be so lax about their system protections, then have the audacity to deny and attempt to wash their hands of wrongdoing."