Data Breach Of DNA Diagnostics Center’s Network Resulting In Unauthorized Access And Acquisition Of Archived Database With Personal Information

In a press release (“DNA Diagnostics Center, Inc. Provides Notice of Data Security Incident”) on the website of the State of California Department of Justice, Office of the Attorney General, DNA Diagnostics Center, Inc. advised that “[o]n August 6, 2021, DNA Diagnostics Center, Inc. (DDC) detected potential unauthorized access to its network, during which there was unauthorized access and acquisition of an archived database that contained personal information collected between 2004 and 2012. The impacted database was associated with a national genetic testing organization system that DDC acquired in 2012. This system has never been used in DDC’s operations and has not been active since 2012.”

DDC’s press release also stated that “[t]he impacted database was associated with a national genetic testing organization that DDC has never used in its operations and has not been active since 2012. DDC acquired certain assets from this national genetic testing organization in 2012 that included certain personal information, and therefore, impacts from this incident are not associated with DDC.” Further, the press release stated that “[i]mpacted individuals may have had their information, such as Social Security numbers or payment information, impacted as a result.” [Emphasis added.]

Additional information about the data breach can be found by clicking “Data Security Incident Information Center,” a document also located on the California Attorney General’s website related to the data incident. reported that “DNA Diagnostics Center . . ., a US-based DNA testing company, has disclosed a hacking incident that affects 2,102,436 persons. The incident resulted in a confirmed data breach that occurred between May 24, 2021, and July 28, 2021, but the firm discovered it only on October 29, 2021.” According to, the breached information includes full names, credit and debit card number (plus CVV), financial account number and and platform account password.

Have You Been Impacted by A Data Breach?

If so, please complete the form on the right or contact Kehoe Law Firm, P.C., [email protected]for a free, no-obligation evaluation of potential legal claims.

Examples of the type of relief sought by data privacy class actions, include, but are not limited to, reimbursement of identity theft losses and of out-of-pocket costs paid by data breach victims for protective measures such as credit monitoring services, credit reports, and credit freezes; compensation for time spent responding to the breach; imposition of credit monitoring services and identity theft insurance, paid for by the defendant company; and improvements to the defendant company’s data security systems.

Data privacy class actions are brought on a contingent-fee basis; thus, plaintiffs and the class members do not pay out-of-pocket attorney’s fees or litigation costs.  Subject to court approval, attorney’s fees and litigation costs are derived from the recovery obtained for the class.

Kehoe Law Firm, P.C.