DNA testing firm 23andMe fined £2.3m by UK regulator for 2023 data hack
The genetic testing company 23andMe has been fined more than £2.3m for failing to protect the personal information of more than 150,000 UK residents after a large-scale cyberattack in 2023.Family trees, health reports, names and postcodes were among the sensitive data hacked from the California-based company.It only confirmed the breach months after the infiltration started and once an employee saw the stolen data advertised for sale on the social media platform Reddit, according to the UK Information Commissioner’s Office – which levied the fine.The information commissioner, John Edwards, called the months-long incident across the summer of 2023 a “profoundly damaging breach”.
The compromise of UK data was just a fraction of the wider losses, with the data of 7 million people affected,23andMe charges users £89 to have their DNA screened using a saliva-based kit, allowing them to discover where their distant ancestors came from in terms of their ethnicity and location,But many customers asked for their DNA data to be deleted from the company’s archives after the hack and it filed for bankruptcy protection in the US in March,The fine came as a $305m bid to buy the company led by its former chief executive, Anne Wojcicki, looked poised to retake control of the company in a bankruptcy auction,Edwards said the data breach “exposed sensitive personal information, family histories and even health conditions of thousands of people in the UK”.
“As one of those impacted told us: once this information is out there, it cannot be changed or reissued like a password or credit card number,” he said.23andMe failed to take basic steps to protect the information and their security systems were inadequate, the UK data protection regulator found.The breaches included failing to install tougher user authentication.The hacker exploited a common weakness caused by users reusing passwords that had already been stolen in other unrelated data breaches.Hackers then used automated tools to try these passwords in a tactic called “credential stuffing”.
“The warning signs were there, and the company was slow to respond,” said Edwards, who carried out the investigation jointly with the privacy commissioner of Canada.“This left people’s most sensitive data vulnerable to exploitation and harm.”Sign up to First EditionOur morning email breaks down the key stories of the day, telling you what’s happening and why it mattersafter newsletter promotionA spokesperson for the company said 23andMe had since implemented multiple steps to increase security to protect individual accounts and information.They said that as part of the deal to acquire 23andMe, Wojcicki’s non-profit, the TTAM Research Institute, has made “binding commitments to enhance protections for customer data and privacy, including allowing individuals to delete their account and opt out of research at any time” and “agreeing not to sell or transfer genetic data under a subsequent bankruptcy or change of control”, and offering customers two years of free identity theft monitoring.The fine is among several multimillion pound punishments meted out by the ICO in recent years for failure to protect data from hacks and ransomware attacks.
In 2022, it fined the construction company Interserve £4.4m when staff data was compromised, including contact details, bank accounts, sexual orientation and health.In March this year it fined an NHS IT supplier, Advanced Computer Software Group, nearly £3.1m for security failings that put the personal information of nearly 80,000 people at risk.
Pastry perfection: Anna Higham’s recipes for chicken and herb pie and foldover pissaladière
Warmer weather always has me dreaming of elaborate picnics, just like the ones my mum used to take us on as kids. She made superlative chicken pies, and I always think of them at this time of year. Mum would use shop-bought pastry, but here I’ve made a herby rough puff to up the summery feeling. The onion and anchovy turnovers, meanwhile, are the perfect pocket savouries to keep you going on a long walk or day out. You could always make one batch of pastry and halve the amount of both fillings, so you can have some of each
How to make chocolate chip cookies – recipe | Felicity Cloake's Masterclass
Once upon a time, not so long ago, the only so-called chocolate chip cookies on offer in the UK were, in fact, biscuits – small, brittle ones peppered with tiny, waxy, cocoa-coloured pellets. When I finally discovered the soft, chewy American originals in a subterranean outlet at Birmingham New Street station, my teenage mind was officially blown. These are even better.Prep 25 min, plus chilling Cook 15 min Makes 15120g room-temperature butter 170g dark chocolate 75g light brown sugar 75g granulated sugar ½ tsp vanilla extract A pinch of salt 1 egg, beaten240g plain flour ½ tsp bicarbonate of soda Sea salt flakes (optional)Make sure your butter is soft enough to beat – if your kitchen is very cold, or you’ve forgotten to get it out of the fridge in time, dice it and leave it out on the counter while you gather together the rest of the ingredients. I tend to use salted butter for baking, as for everything else, but it’s up to you
Ragù, Bristol BS1: ‘I recommend it wholly, effusively and slightly enviously’ – restaurant review | Grace Dent on restaurants
Ragù is a cool, minimal, romantic ode to Italian cooking that’s housed in a repurposed shipping container on Wapping Wharf in waterside Bristol. No, come back, please – don’t be scared. There are tables, chairs, napkins, reservations and all the other accoutrements of a bricks-and-mortar restaurant, even if this metal box may at some point in its existence once have been used to ship things to China and back. To my mind, Wapping Wharf has gone from strength to strength in recent years, and no longer feels at all like one of those novelty “box parks” that have about them a heavy whiff of the edgy temporary fixture. Today’s Wapping Wharf is a true independent food destination in its own right, and with a bird’s-eye view from one of Ragù’s window seats, while eating venison rump with gorgonzola dolce and sipping a booze-free vermouth, you can watch the crowds head for the likes of the modern French Lapin, Tokyo diner Seven Lucky Gods, modern British Box-E, Gurt Wings and many more; by day, there’s also a bakery, a butcher, a fromagerie and so on
Raise a glass to National Beer Day: tips on the perfect pint
I didn’t write a Valentine’s Day column, I also didn’t do one for Mother’s Day, and I won’t be doing one for Father’s Day, either. Who am I to tell you how to enjoy your time with your most beloved – and who am I to tell you what they ought to be drinking, seeing as these days that’s invariably informed by gendered marketing and targeted campaigns?The Guardian’s journalism is independent. We will earn a commission if you buy something through an affiliate link. Learn more.I am, however, writing a column for National Beer Day on 15 June (the same as Father’s Day – yawn)
Benjamina Ebuehi’s recipe for cherry and honeycomb cheesecake pots | The sweet spot
Honeycomb gets lots of attention in the autumn months, but this crunchy brittle is such fun to make all year round, and adds a playful texture to all sorts of desserts such as today’s cheesecake pots. The quantities make more honeycomb than you need here, but extra snacking is inevitable. The cheesecake itself, which I’ve lightened with greek yoghurt, is super-simple to put together – just mix and chill.Prep 5 minCool 1 hr Cook 30 min Makes 6For the honeycomb200g caster sugar 200g golden syrup 2½ tsp bicarbonate of sodaFor the cherries255g pitted cherries, fresh or frozen and defrosted30g caster sugar Squeeze of lemon juiceFor the cheesecake150g digestive biscuits 50g salted butter, melted330g greek yoghurt 250g cream cheese 1 tsp vanilla bean paste 50g icing sugar 100ml double creamLine a 20cm square cake tin with greaseproof paper. Put the sugar and golden syrup in a deep saucepan and heat gently until the sugar melts
Ken Don obituary
My colleague Ken Don, who has died aged 80, was a passionate real ale brewer who played a key role in saving Maris Otter, considered the finest variety of malting barley. He spent most of his career at the Young’s Ram Brewery in Wandsworth, south London, where the ruling Young family was committed to cask-conditioned beer.Ken was born in Alloa, in Clackmannanshire, the son of Ian Don, who worked in a local glass factory, and his wife, Margaret (nee Cook). He was educated at Alloa academy and trained as a brewer at Alloa Brewery, where the main product was Skol lager. Keen to broaden his skills, he went on the brewing and distilling course at Heriot-Watt University in Edinburgh
Adult gaming centres failing to help problem gamblers self-exclude
Stress blamed for high number of NHS call handlers quitting
Grooming gangs in UK thrived in ‘culture of ignorance’, Casey report says
Carer’s allowance: woman who won case against DWP calls for end to ‘sickening harassment’
Ministers plan to use NHS app to expand clinical trials as part of UK-wide drive
My father died in a care home and all I got was denials and excuses | Letters