The U.Ok. knowledge safety watchdog has fined 23andMe £2.31 million ($3.1m) for failing to guard U.Ok. residents’ private and genetic knowledge previous to its 2023 knowledge breach.
The Data Commissioner’s Workplace (ICO) mentioned on Tuesday it has fined the genetic testing firm because it “didn’t have further verification steps for customers to entry and obtain their uncooked genetic knowledge” on the time of its cyberattack.
In 2023, hackers stole personal knowledge on greater than 6.9 million customers’ over a months-long marketing campaign by accessing 1000’s of accounts utilizing stolen credentials. 23andMe didn’t require its customers to make use of multi-factor authentication, which the ICO mentioned broke U.Ok. knowledge safety regulation.
The ICO mentioned over 155,000 U.Ok. residents had their knowledge stolen within the breach.
In response to the positive, 23andMe instructed TechCrunch that it had rolled out necessary multi-factor authentication for all accounts.
The ICO mentioned it’s in touch with 23andMe’s trustee following the corporate’s submitting for chapter safety. A listening to on 23andMe’s sale is predicted afterward Tuesday.
{content material}
Supply: {feed_title}
