India, June 17 -- Canadian and U.K. privacy watchdogs have sharply criticized genetic testing firm 23andMe for substandard security measures and a sluggish response that exposed nearly seven million users' sensitive information in October 2023.
Their joint probe found 23andMe lacked essential protections such as multi-factor authentication and robust password requirements leaving 320,000 Canadians and 155,000 Britons vulnerable when hackers leveraged recycled credentials to infiltrate accounts.
Canada's Privacy Commissioner Philippe Dufresne decried the breach as a "cautionary tale" about prioritizing data protection amid rising cyber threats. In the U.K., Information Commissioner John Edwards slapped 23andMe with a £2.31 million fin...