1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • UK watchdog hits 23andMe with multi-million pound fine over 2023

    From TechnologyDaily@1337:1/100 to All on Wed Jun 18 11:15:08 2025
    UK watchdog hits 23andMe with multi-million pound fine over 2023 data breach

    Date:
    Wed, 18 Jun 2025 10:07:24 +0000

    Description:
    23andMe fined 2.31 million for failing to implement appropriate security measures.

    FULL STORY ======================================================================The ICO has issued 23andMe with 2.31 million ($3.1 million) fine Fine is punishment for failings following 2023 data breach An investigation found 'serious security failings'

    The British data protection watchdog, the Information Commissioners Office (ICO) has issued a 2.31 million fine to 23andMe for failing to implement appropriate security measures to protect the personal information of UK users

    This follows a 2023 cyberattack in which hackers accessed 23andMe personal user data.

    The breach only affected 0.1% of the company's customer base, roughly 14,000 individuals, but thanks to the sensitive nature of the information 23andMe holds, hackers were able to access a significant number of files containing profile information about other users ancestry that such users chose to
    share.

    Save up to 68% on identity theft protection for TechRadar readers!

    TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.

    Preferred partner ( What does this mean? ) View Deal Keeping secure

    The joint investigation, carried out between the ICO and Canadian Privacy Commissioner revealed serious security failings after the breach, calling 23andMes actions inadequate.

    After the hackers carried out their credential stuffing attack, the company waited months until starting a full investigation, only confirming the breach after an employee discovered stolen data advertised for sale on Reddit.

    This breach put those affected at risk, not just for the typical identity theft and fraud, but also for seriously sophisticated social engineering attacks. If your genetic or family history is sold to a criminal, it could be leveraged against you.

    This was a profoundly damaging breach that exposed sensitive personal information, family histories, and even health conditions of thousands of people in the UK, confirmed John Edwards, UK Information Commissioner.

    As one of those impacted told us: once this information is out there, it cannot be changed or reissued like a password or credit card number.

    An example of this could be a family member reaching out and asking for more information about yourself, or a medical company contacting you about an existing genetic health condition. If youre affected by this breach, be sure to be extra vigilant and cautious about any unexpected communications you receive.

    23andMe failed to take basic steps to protect this information. Their
    security systems were inadequate, the warning signs were there, and the company was slow to respond. This left peoples most sensitive data vulnerable to exploitation and harm, Edwards confirmed. You might also like Take a look at our picks for the best malware removal software around Check out our
    choice for best antivirus software Hackers claim 64 million leaked T-Mobile records, but it denies breach



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/uk-watchdog-hits-23andme-with-multi-mil lion-pound-fine-over-2023-data-breach


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)