New York Attorney General Letitia James has secured an $18 million settlement with 23andMe over a data breach that exposed millions of customers' genetic information. The settlement was reached after James and 42 other attorneys general investigated the breach, which occurred in 2023.

"We are committed to protecting the sensitive information of New Yorkers," James said.

The breach exposed the genetic data of millions of 23andMe customers, including those in Rochester. The settlement requires 23andMe to pay $18 million to the affected states and to implement new security measures to protect customer data. James and the other attorneys general began investigating the breach in 2023, after 23andMe notified them of the incident.

The settlement is a significant victory for James and the other attorneys general, who have been working to protect the personal data of their residents. The breach highlights the importance of data security and the need for companies to take steps to protect their customers' information. In Rochester, residents can take steps to protect their own data by being cautious when sharing personal information online and by using strong passwords.

The settlement will also have an impact on the local economy, as companies that handle personal data will need to take steps to ensure that they are in compliance with the new security measures. This could lead to an increase in jobs in the cybersecurity industry, as companies hire experts to help them protect their customers' data.

The data breach is a reminder of the importance of protecting personal information and the need for companies to take steps to prevent breaches. James and the other attorneys general will continue to work to protect the personal data of their residents and to hold companies accountable for their actions.

The settlement is expected to be finalized in the coming weeks, and James will continue to work to ensure that the terms of the settlement are enforced. Rochester residents can expect to see an increase in efforts to protect their personal data, and companies that handle personal data will need to take steps to comply with the new security measures.