On July 31, 2025, the Department of Justice (DOJ) announced that Illumina, Inc. will pay $9.8 million to resolve allegations that it violated the False Claims Act (FCA) by selling genomic sequencing systems with software containing cybersecurity vulnerabilities to federal agencies. This is the first FCA settlement involving claims that a medical manufacturer failed to incorporate adequate product cybersecurity into its software design and development.

The allegations were first made in United States ex rel. Lenore v. Illumina Inc., No. 1:23-cv-00372 (D.R.I.), a qui tam action filed by Illumina’s former Director for Platform Management, On-Market Portfolio in September 2023. The relator alleged that, between February 2016 and September 2023, Illumina knowingly sold genomic sequencing systems to government agencies without adequate security programs or quality systems to identify and address software vulnerabilities. The complaint further alleged that Illumina failed to properly resource personnel and processes responsible for product security, did not remediate design features introducing cybersecurity risks, and misrepresented the software’s adherence to required cybersecurity standards.

According to the government, Illumina’s actions included:

• • Failing to incorporate product cybersecurity into the lifecycle of its genomic sequencing systems, including design, development, and post-market monitoring;
  • Inadequately supporting and resourcing the personnel, systems, and...

Read Full Story: https://news.google.com/rss/articles/CBMi-wFBVV95cUxOUkJ2WklYcnpTcmlRN3FIaHE0...