23andMe Moves to Consolidate Class Actions Involving Oct. Data Breach
23andMe filed a memorandum of law in support of a motion before the U.S. Judicial Panel on Multidistrict Litigation Friday to transfer and consolidate 31 class actions, and others subsequently filed, involving similar facts or claims around an October data…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
breach (see 23102500360). The genetic testing company announced Oct. 6 that it was hacked, compromising the names, gender, date of birth, genetic ancestry results, profile photos and geographical location of some customers who "recycled login credentials" with usernames and passwords that a threat actor may have accessed. The first action involving the incident, Santana et al v. 23andMe, was filed Oct. 9 in the U.S. District Court for Northern California in San Francisco, and 28 more followed there; two others were filed in the Northern District of Illinois: Gill v. 23andMe (8:23−cv−02387) and Bacus v. 23andMe (docket 1:23-cv-16828), said the memorandum (docket 3:23-cv-05464). On Nov. 30, Judge Edward Chen issued an order relating cases, finding 22 actions in the Northern District of California are related to the Santana action, said the memorandum. The last action, Rivers v. 23andMe Holding Co., was filed Dec. 15. The defendant expects additional lawsuits involving the same alleged security breach “given the ongoing filing of putative class actions over the last two-and-a-half months." Transfer is necessary to conserve court resources, reduce duplicative discovery and avoid inconsistent rulings if the actions proceed separately, the memorandum said.