23andMe’s DNA Disaster: £2.3m Fine for Privacy Failures Amid Cyber-Attack Chaos

23andMe is in hot water after the UK’s privacy regulator slapped them with a £2.3m fine for a 2023 cyber-attack. The breach affected around seven million people worldwide. It seems the company missed several chances to stop hackers, who accessed customer data using reused login credentials. Time for a DNA do-over!

3P
Published: June 17, 2025 2:32 pmAdded: June 17, 2025 at 8:07 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like 23andMe has more than a few strands of trouble in their DNA! Not only are they singing the data breach blues, but their bank account’s feeling the pinch too. How do you say “Oops, we did it again” in genetic code?

Key Points:

  • 23andMe hit with a £2.3m ($3.1m) fine by UK privacy regulators for a 2023 data breach.
  • Cyber-attack exploited reused login credentials from unrelated breaches, impacting around six million customers.
  • Information of seven million people worldwide was compromised, including sensitive data like health reports and family trees.
  • ICO found 23andMe guilty of poor security measures, including lack of multi-factor authentication.
  • Despite missed opportunities to prevent the breach, 23andMe blames user negligence.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?