Illumina Settles DOJ Lawsuit for $9.8 Million Over Alleged Cybersecurity Violations.

The DOJ has reached a $9.8 million settlement with Illumina over allegations that the company sold genomic-sequencing systems with software vulnerabilities to federal agencies for multiple years. Illumina denied the allegations, but agreed to settle due to the "uncertainty, expense and distraction" of litigating the case. The company will receive $1.9 million from the settlement, which will go to a whistleblower who provided details about the company's alleged noncompliance.

The Department of Justice (DOJ) has reached a $9.8 million settlement with Illumina, a leading manufacturer of genomic sequencing systems, over allegations that the company sold systems with software vulnerabilities to federal agencies for multiple years. The settlement, announced on July 31, 2025, resolves allegations that Illumina violated the False Claims Act by failing to incorporate cybersecurity measures into its product design and development process [1].

Illumina, which holds approximately 80% of the global market share for genomic sequencing systems, has denied the allegations but agreed to settle the matter due to the "uncertainty, expense, and distraction" of litigating the case. The settlement includes a $1.9 million payment to Erica Lenore, a former director at Illumina who served as the whistleblower in the case [2].

The settlement comes after a series of cybersecurity incidents involving Illumina's products. In 2023, the Food and Drug Administration (FDA) issued a warning about a vulnerability in Illumina software that could allow attackers to change device settings remotely. Additionally, in 2022, the Cybersecurity and Infrastructure Security Agency (CISA) warned about a flaw in Illumina's Local Run Manager software that could alter test results remotely [2].

The settlement also includes a $4.3 million restitution payment to the government, along with a 4.33% interest on the settlement money, backdated to March 2025. The remaining funds are unspecified in the settlement text [3].

The case was investigated by the DOJ's Civil Division, Commercial Litigation Branch, and Fraud Section, with assistance from various federal agencies, including the U.S. Attorney’s Office for the District of Rhode Island, the Army Criminal Investigation Division, and the HHS Office of the Inspector General [1].

References:
[1] https://www.justice.gov/opa/pr/illumina-inc-pay-98m-resolve-false-claims-act-allegations-arising-cybersecurity
[2] https://www.cybersecuritydive.com/news/cyber-fraud-settlement-genomic-testing-company/756559/
[3] https://rhodeislandcurrent.com/2025/08/01/whistleblower-who-said-biotech-manufacturer-defrauded-federal-agencies-settles-lawsuit/