23andMe Fined £2.3 Million Over Major UK Data Breach
Genetic testing firm penalized for exposing sensitive user information
UK regulators have fined genetic testing company 23andMe £2.3 million for failing to protect the personal data of over 150,000 UK residents during a 2023 cyberattack.
The breach compromised sensitive information, including health records and family histories, and was discovered only after stolen data appeared on Reddit.
The Information Commissioner's Office criticized the company for inadequate security measures and a delayed response.
Following the breach, 23andMe filed for bankruptcy protection in the U.S., and a $305 million acquisition bid led by former CEO Anne Wojcicki aims to restore the company's operations with enhanced data protections.
The breach compromised sensitive information, including health records and family histories, and was discovered only after stolen data appeared on Reddit.
The Information Commissioner's Office criticized the company for inadequate security measures and a delayed response.
Following the breach, 23andMe filed for bankruptcy protection in the U.S., and a $305 million acquisition bid led by former CEO Anne Wojcicki aims to restore the company's operations with enhanced data protections.
