The Department of Justice on Thursday announced a $9.8 million settlement with Illumina over allegations that the company sold genomic-sequencing systems with software vulnerabilities to federal agencies for multiple years.
Between 2016 and 2023, the government said, the company sold the systems without having an adequate security program and knowingly failed to incorporate cybersecurity into its product design process.
According to prosecutors’ complaint, Illumina is the dominant company in the global market, with a share of roughly 80%.
“Companies that sell products to the federal government will be held accountable for failing to adhere to cybersecurity standards and protecting against cybersecurity risks,” Assistant Attorney General Brett Shumate of the DOJ’s Civil Division said in a statement.
“This settlement underscores the importance of cybersecurity in handling genetic information and the department’s commitment to ensuring that federal contractors adhere to requirements to protect sensitive information from cyber threats,” he added.
Illumina denied the allegations that it knowingly sold defective products, and the agreement states that the company is not making any admissions related to those claims.
The Food and Drug Administration in 2023 issued a warning about a vulnerability in Illumina software that could allow an attacker to change settings on the device or even take it over remotely.
In 2022, the Cybersecurity and Infrastructure Security Agency warned...
This roundup of claims has been compiled by Full Fact, the UK’s largest fact checking charity working to find, expose and counter the harms of bad information. The AI overviews of searches with Go...