Cybersecurity
23andMe Fined £2.31 Million by UK Over Genetic Data Leak
23andMe was fined £2.31 million ($3.1 million) by UK regulators after a 2023 cyber attack exposed users’ genetic data in yet another privacy crisis surrounding the troubled DNA data bank.
The UK Information Commissioner’s Office announced the penalty Tuesday after a joint investigation with its Canadian counterpart. The former Silicon Valley startup violated UK data-protection laws, it said, by failing to put in place: appropriate authentication measures for customer login, relevant security steps for accessing raw genetic data and measures to detect and respond to cyber threats.