23andMe fined €2.4m in Spain for failure to safeguard genetics data
( July 17, 2026, 09:04 GMT | Official Statement) -- MLex Summary: Genetic testing company 23andMe was fined €2.4 million on Thursday by the Spanish privacy watchdog after a 2023 cyberattack that compromised over 2,600 Spanish users’ genetic, health, and ethnicity data. According to the regulator, 23andMe failed to implement security measures appropriate for the extreme sensitivity of the data it processed - even though the hack happened using a well-known method - and then notified the authority too late.Fine attached (in Spanish)....
Prepare for tomorrow’s regulatory change, today
MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.
Know what others in the room don’t, with features including:
- Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
- Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
- Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
- Curated case files bringing together news, analysis and source documents in a single timeline
Experience MLex today with a 14-day free trial.