Back to Industry

Industry - Enforcement

moderateAnti-PrivacyEnforcement

Executive Summary

Consumer alert: 23andMe hit with $18 million penalty after massive DNA data breach

What Happened

23andMe received an $18 million penalty following a massive data breach involving DNA and genetic information. The enforcement action came after customer data was compromised, though the specific date of the breach, the number of affected users, and the enforcing authority are not disclosed in the available source material.

Who Is Affected

Customers of 23andMe who submitted DNA samples for genetic testing are affected. The breach exposed genetic data, which is among the most sensitive personal information because it is permanent, cannot be changed, and may reveal health predispositions and family relationships.

Why It Matters

This penalty highlights the serious consequences companies face when they fail to protect highly sensitive genetic information. DNA data breaches carry unique risks because genetic information is immutable and can affect not only the individual customer but also their biological relatives, setting a precedent for accountability in the genetic testing industry.

What You Should Do

If you are a 23andMe customer, monitor your account for unauthorized access and watch for official notifications from the company about the breach. Consider enabling two-factor authentication on your account if available, review your privacy settings to limit data sharing, and be alert for potential phishing attempts or identity theft that could follow from exposed personal information.

Summary generated from verified sources and reviewed before publication. How we summarize.

Consumer alert: 23andMe hit with $18 million penalty after massive DNA data... - Industry | PrivacyWire