Millions of people use genetic testing companies like 23andMe to learn more about their ancestry and health. But a new data breach is highlighting the risks of having your ancestry information stored online — and what it might be used for in the event of hacking. Here's what to know.
In October, 23andMe announced that approximately 14,000 23andMe users’ accounts were breached; according to the company, the stolen data — which some hackers tried to sell via online forums — “generally included ancestry information, and, for a subset of those accounts, health-related information based upon the user’s genetics.”
It's since been revealed that the hackers used those compromised accounts to also access another 6.9 million profiles connected to the users’ DNA relatives and those on their family tree. Data from the DNA Relatives profiles consists of information that a customer chooses to make available to their genetic relatives, such as display name, predicted relationships and percentage of DNA shared with matches, when they opt in to that feature. Data from Family Tree profiles includes a limited subset...