739
23andMe frantically changed its terms of service to prevent hacked customers from suing
(www.engadget.com)
This is a most excellent place for technology news and articles.
No idea if they’ve been audited. GDPR doesn’t require it. My understanding is that American companies doing any business or having any users in the EU need to be GDPR compliant for those users. I don’t think that’s been challenged in any courts yet.