Editor’s Note: This article has been updated to indicate 23andMe has been hit with a lawsuit claiming a “data breach.” However, the company says it is still investigating whether a breach occurred. 

(NewsNation) — Biotechnology company 23andMe is facing a class action lawsuit that alleges a “data breach” compromised customer information.

The company admitted to suspicious activity after a hacker appeared online offering to sell 23andMe user information on the dark web. The information appeared to include around a million users, with Ashkenazi Jews specifically targeted, according to the hacker.

The company is requiring all users to reset their passwords after the hack. The company has also promised to notify individual users whose information was compromised.

23andMe said in a statement last week that while an unspecified amount of “customer profile information” had been compiled “through access to individual 23andMe.com accounts,” but said company itself had not been breached.

Plaintiffs Monica Santana, Paula Kleynburd, Bonnie Eden, Michelle Andrizzi, and Kerry Lamons have filed the class action suit in California federal court. The lawsuits allege it was a data breach.

According to Top Class Actions, the plaintiffs argue 23andMe customers affected by what they are calling a data breach are faced with a “present and imminent threat” of fraud and identity loss.

Think you were affected? Here’s what to do

Some states including California, Virginia and Colorado have comprehensive privacy laws, according to Yahoo News. It’s worth getting in contact with 23andMe and requesting they delete your information.

There’s also identity theft protection. Some companies provide a wide range of identity theft protections such as alerts whenever your sensitive information is used on applications.

NewsNation’s Steph Whiteside contributed to this report.