Genetic testing company 23andMe is facing a class action lawsuit after users’ data was accessed without authorization – a breach it blames on customers who used a recycled password as login credentials for their account on the home DNA firm’s website. 23andMe wrote in a letter responding to attorneys representing customers whose data was exposed that no breach occurred under the provisions of the California Privacy Rights Act because users targeted in the initial breach were using login credentials that had ...