Key facts
- Victims of the 2023 23andMe data breach will share $46.75 million.
- The payout plan was proposed by the company's bankruptcy administrator.
- The proposed amount is $3.25 million less than the maximum authorized by the judge.
- The breach affected an estimated 6.9 million U.S. customers.
- 23andMe filed for Chapter 11 bankruptcy in March 2025.
- California's Attorney General is seeking civil fines in a separate lawsuit.
Victims of a 2023 data breach at 23andMe are slated to receive $46.75 million under a plan put forth by the genetic testing company's bankruptcy administrator, according to a court filing.
The administrator described the proposed payout as an "equitable outcome" that would avoid further litigation and align with the company's financial condition. The amount is $3.25 million below the maximum authorized by the judge overseeing the Chapter 11 case. After accounting for $14.29 million previously disbursed, the additional payout to victims will total $32.46 million.
The breach exposed genetic and other personal information of an estimated 6.9 million U.S. customers. While over 255,860 claims have been resolved, thousands remain pending.
Based in Palo Alto, California, 23andMe, now legally known as Chrome Holding Co., filed for bankruptcy protection in March 2025. The company cited the data breach, related litigation, increased competition, and declining demand for its products as reasons for its financial distress.
Last July, TTAM Research Institute, a nonprofit controlled by 23andMe co-founder Anne Wojcicki, acquired the company's assets for $305 million.
Separately, California Attorney General Rob Bonta filed a lawsuit last month, alleging 23andMe ignored warnings about compromised systems and downplayed the breach's severity. Bonta is seeking potentially millions in civil fines, but the bankruptcy judge has yet to rule on whether the state can proceed with its case. The judge had previously approved a victim fund ranging from $30 million to $50 million in January.