Illumina Pays $9.8M DOJ Settlement Over Cybersecurity Vulnerabilities in Government Genomic Systems

Biotech company Illumina has agreed to pay $9.8 million to the U.S. government to settle allegations that it sold genomic sequencing systems with known cybersecurity vulnerabilities to federal agencies between 2016 and 2023. The Justice Department accused Illumina of violating the False Claims Act by knowingly failing to incorporate adequate cybersecurity measures during the design, development, installation, and monitoring of its products, while also providing false assurances that its systems complied with established cybersecurity standards. Despite controlling over 80 percent of the global genetic testing market, Illumina allegedly neglected security protocols and did not sufficiently resource personnel or processes responsible for product security, posing risks to sensitive genomic data. No evidence of data theft was indicated, but officials emphasized the potential damage from such security lapses. The settlement includes $1.9 million awarded to a whistleblower, a former Illumina employee. The Department of Justice underscored its commitment to holding federal contractors accountable for protecting sensitive information from cyber threats.