The UK’s sentinel from data has fined 23 and 2 £ 2.31 million ($ 3.1m) due to failing to protect the personal and genetic data of UK residents before its 2023 data break.
The Commissioner’s Office of Information (ICO) said on Tuesday that it fined the genetic test company, as it “had no additional control steps for users to access and download their raw genetic data” at the time of its cyber attack.
In 2023, Hackers stole private data on over 6.9 million users’ More than a month-long campaign through access to thousands of accounts through stolen credentials. 23AndME did not require that its users use a multifaceted authentication that the ICO said it had broken UK protection law.
The ICO said that more than 155,000 UK residents stole their data in the break.
In response to the fine, 23Andme told Techcrunch that it has Empty Mandatory Multiple Authentication For all accounts.
The ICO said it contacts the Trustee of 23Andme The bankruptcy protection company. A hearing on the sale of 23andme is waiting for a later Wednesday.
