23andMe Fined $3.1 Million by UK Over Data Breach

The UK’s data protection authority has fined DNA testing company 23andMe £2.31 million ($3.12 million) for what it described as “serious security failings” that led to a major data breach in 2023. The regulator said the incident exposed sensitive genetic information, causing what it called “profoundly damaging” consequences. The penalty has drawn international scrutiny, with 23andMe fined 31 million in local currency for its handling of the security lapse.

According to the UK Information Commissioner’s Office, the breach compromised highly personal data tied to users’ genetic profiles. The agency criticized the company for not doing enough to protect customers’ information. Security experts have warned that genetic data, once exposed, cannot be changed like passwords or credit card numbers. The ICO emphasized the lasting impact of such breaches. With 23andMe fined 31 million pounds, the case signals the growing regulatory focus on protecting biometric and genetic data.

Read the full article at: https://www.bleepingcomputer.com/news/security/uk-fines-23andme-for-profoundly-damaging-breach-exposing-genetics-data/