On the internet, nothing is safe — not even your DNA, apparently.
That's the dystopian lesson from the commercial genetic testing company 23andMe, which disclosed on Friday in a regulatory filing that hackers managed to access information on about 14,000 users or 0.1 percent of its customer user base.
But the problem goes beyond this relatively small number of people. Because the website allows users to share DNA information with other users in order to find relatives, the true number impacted is orders of magnitude larger — with about 6.9 million customers having their personal information compromised, according to TechCrunch. Big yikes on that figure, because it affects something like half of the 14 million users at 23andMe.
Personal information included users' names, birthdays, location, relationships, ancestry background, and shared DNA percentages with relatives, according to the news outlet.
Last’s week disclosure was a follow up to the October news that hackers had stolen information from 23andMe and were selling this data online.
The company said there was no security breach. Hackers had obtained the information by using previously compromised user login data from other security breaches elsewhere and used them on the website, taking advantage of people’s laziness in using repeat passwords.
What’s disturbing about the 23andMe hack, besides trusting a private company with your DNA, is that smart cyber criminals can use the data to breach other websites by guessing correctly on security questions. Another threat is that hackers could take this information and blackmail wealthy people — because heaven knows genetic data can contain secrets.
But whatever threat is out there, if you're a 23andMe customer, maybe now is the time to change your password to something more secure.
More on DNA tests: DNA Tests Have a Nasty Side Effect: Discovering Your Parents' Secrets
Share This Article