Ancestry services can tell you a lot, but you have to hand over some very sensitive personal data to them. Your genetic data being sold on the dark web is not a joke, and thanks to the data violation of this ancestor service, that’s exactly what is happening.
Your genetic data is being sold online
The DNA test firm 23andme faced a large -scale data violation in 2023, leaking genetic data of millions of customers. Hackers were capable of breaking 14,000 individual accounts and away with information related to approximately 6.9 million persons listed on the site.
Stolen data includes:
-
Name
-
Birthday’s
-
Geographical information
-
profile pictures
-
Race
-
Health report
-
Ethnicity
-
Family tree
Following the data violation, the office of the UK Information Commissioner Office (ICO) and Canadian Privacy Commissioner (OPC) announced a joint inquiry into the incident in June 2024. A year later, the investigation has concluded for “deep damage” for 23andme with a fine of £ 2.31 million ($ 3.13 million). Ico,
The investigation also highlighted security accidents at the time of violation. The company did not take proper authentication measures with a lack of compulsory multi-factor authentication (MFA) and loose password requirements. 23andme did not take any measures to prevent raw genetic data from accessing and downloading, and “there were no” effective systems to monitor, detect or react to their customers’ sensitive information. ,
John Edwards, UK Information Commissioner, describes it the best:
23andme failed to take basic steps to protect this information. Their security system was inadequate, warning signs were there, and the company was slow to respond. This left the most sensitive data of people to exploit and damage to damage.
The 23andme attitude in accepting Breach was also reported. Brech started in April 2023 and lasted until May 2023. However, the company did not confirm the breech and began a complete investigation by October 2023, when an employee advertised the stolen data for sale on Reddit.
Data security starts with you
Unlike passwords and other information that often leaked into such data violations, you can simply not change your genetic data. Once this data gets out of there, you are essentially compromising for life.
Connected
After the violation of my data, here is how I have protected my accounts
The sooner you walk, the safe you will follow any type of data violation.
So when you can’t do much in this case, except being cautious about any scam or identity efforts, then you can still try and protect yourself from future violations. Setting an MFA for online accounts and using strong, unique passwords for each account is some of the most basic steps that you should take to protect your digital footprint, even if the service provider makes them mandatory. If you are affected by data breech, the protection of your credit rating is also important.
Additionally, try to avoid using online services that seek very more sensitive information in the first place. Certainly, it seems exciting to learn about your offspring, but this curiosity is not worth gambling with highly sensitive genetic information that can be used for all types of malicious purposes.
