23andMe, the popular genetic testing company, reported a data breach in October, which was later found to have impacted nearly 14,000 user accounts. Unfortunately, recent information has uncovered that the actual impact of the breach extended much further than a small fraction of users. According to Wired, the attackers collected the personal data of around 5.5 million people who had opted to use the company’s DNA Relatives service, along with an additional 1.4 million DNA Relatives users.
The data stolen included display names, relationship labels, predicted relationships, and percentage of DNA shared with DNA Relatives matches. Additional data including ancestry reports, self-reported locations, ancestor birth locations, family names, profile pictures, birth years, links to self-created family trees, and other profile information was also compromised.
The incident speaks to the importance of user data sharing between companies and software features that promote social sharing, especially when the information puts personal details about user identity at risk.
The devastation of the breach is a wake-up call for businesses to bolster cybersecurity efforts. While no industry is fully safe from a cyberattack, sectors in healthcare, financial services, legal services, and any company like 23andMe that deals with confidential data on a large scale are especially vulnerable.
Cyber breaches can be devastating to any organization’s reputation and bottom line, regardless of company size or revenue. To stay ahead of cyber risks in your organization’s network, you can schedule a free consultation with us today.
Contact us for a free consultation at sales@optfinITy.com or 703-790-0400.