The U.K. information defense guard dog has actually fined 23andMe ₤ 2.31 million ($ 3.1 m) for falling short to safeguard U.K. citizens’ individual and hereditary information before its 2023 information violation.
The Info Commissioner’s Workplace (ICO) claimed on Tuesday it has actually fined the hereditary screening firm as it “did not have added confirmation actions for individuals to gain access to and download their raw hereditary information” at the time of its cyberattack.
In 2023, hackers stole private data on more than 6.9 million users’ over a months-long project by accessing countless accounts making use of taken qualifications. 23andMe did not need its individuals to utilize multi-factor verification, which the ICO claimed damaged U.K. information defense legislation.
The ICO claimed over 155,000 U.K. citizens had their information taken in the violation.
In feedback to the penalty, 23andMe informed TechCrunch that it had rolled out mandatory multi-factor authentication for all accounts.
The ICO claimed it touches with 23andMe’s trustee adhering to the company’s filing for bankruptcy protection A hearing on 23andMe’s sale is anticipated in the future Tuesday.
.
