The UKโs ICO fined 23andMe over $3 million for poor cybersecurity and delayed response to a major data breach that exposed genetic data of millions. The breach involved credential stuffing attacks, inadequate security measures, and a slow investigation, highlighting significant vulnerabilities in the companyโs data protection practices. #23andMe #DataBreach
Keypoints
- 23andMe was fined over $3 million by the UKโs ICO for cybersecurity failures.
- The data breach exposed the genetic information of millions of users over several months.
- The company failed to implement multi-factor authentication and monitor cyber threats effectively.
- A credential stuffing attack increased in intensity, affecting over 150,000 UK residentsโ data.
- Security improvements are expected to be implemented by the end of 2024 following regulatory pressure.
Read More: https://therecord.media/uk-data-privacy-regulator-fines-23andme