Description
Hackers want to know everything about you: Your credit card number, your ID and passport info, and now, your DNA.
On October 1 2023, on a hacking website called BreachForums, a group of cybercriminals claimed that they had stolen—and would soon sell—individual profiles for users of the genetic testing company 23andMe.
23andMe offers direct-to-consumer genetic testing kits that provide customers with different types of information, including potential indicators of health risks along with reports that detail a person’s heritage, their DNA’s geographical footprint, and, if they opt in, a service to connect with relatives who have also used 23andMe’s DNA testing service.
The data that 23andMe and similar companies collect is often seen as some of the most sensitive, personal information that exists about people today, as it can expose health risks, family connections, and medical diagnoses. This type of data has also been used to exonerate the wrongfully accused and to finally apprehend long-hidden fugitives.
In 2018, deputies from the Sacramento County Sherriff’s department arrested a serial killer known as the Golden State Killer, after investigators took DNA left at decades-old crime scenes and compared it to a then-growing database of genetic information, finding the Golden State Killer’s relatives, and then zeroing in from there.
And while the story of the Golden State Killer involves the use of genetic data to solve a crime, what happens when genetic data is part of a crime? What law enforcement agency, if any, gets involved? What rights do consumers have? And how likely is it that consumer complaints will get heard?
For customers of 23andMe, those are particularly relevant questions. After an internal investigation from the genetic testing company, it was revealed that 6.9 million customers were impacted by the October breach.
What do they do?
Today on the Lock and Code podcast with host David Ruiz, we speak with Suzanne Bernstein, a law fellow at Electronic Privacy Information Center (EPIC) to understand the value of genetic data, the risks of its exposure, and the unfortunate reality that consumers face in having to protect themselves while also trusting private corporations to secure their most sensitive data.
“We live our lives online and there's certain risks that are unavoidable or that are manageable relative to the benefit that a consumer might get from it,” Bernstein said.
“Ultimately, while it's not the consumer's responsibility, an informed consumer can make the best choices about what kind of risks to take online.”Tune in today.
You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.
For all our cybersecurity coverage, visit Malwarebytes Labs at a href="https://www.malwarebytes.com/blog" rel="noopener noreferrer"...
The month, a consumer rights group out of the UK posed a question to the public that they’d likely never considered: Were their air fryers spying on them?
By analyzing the associated Android apps for three separate air fryer models from three different companies, a group of researchers learned...
Published 11/18/24
The US presidential election is upon the American public, and with it come fears of “election interference.”
But “election interference” is a broad term. It can mean the now-regular and expected foreign disinformation campaigns that are launched to sow political discord or to erode trust in...
Published 11/03/24