<ul data-eligibleForWebStory="true"><li>Genetic testing company 23andMe fined £2.3m for failing to protect UK residents' personal information during a 2023 cyberattack.</li><li>Sensitive data including family trees, health reports, names, and postcodes were hacked.</li><li>The breach affected 150,000 UK residents, with a total of 7 million people impacted.</li><li>Customers requested deletion of DNA data post-hack, leading to the company filing for bankruptcy protection.</li><li>Former CEO Anne Wojcicki led a $305m bid to regain control through a bankruptcy auction.</li><li>Regulator found 23andMe inadequately protected data, with breaches linked to poor user authentication and reused passwords.</li><li>Hackers exploited vulnerabilities using stolen passwords in so-called 'credential stuffing'.</li><li> Regulators criticized 23andMe for delayed response and leaving sensitive data vulnerable.</li><li>Spokesperson mentioned security improvements post-breach, including enhanced protection and free identity theft monitoring.</li><li>Several high fines issued by the ICO in recent years for data protection failures, including Interserve and Advanced Computer Software Group.</li></ul>

DNA testing firm 23andMe fined £2.3m by UK regulator for 2023 data hack

Discover more