DNA testing site 23andMe hacked

DNA testing site 23andMe hacked, putting customers' data at risk

By Marcine Graham Texas

UPDATED 12:30 PM CT Dec. 11, 2023 PUBLISHED 7:55 AM CT Dec. 11, 2023 PUBLISHED 7:55 AM CST Dec. 11, 2023

DALLAS — Hyram Bautista recently submitted his 23andMe kit.

“So I’m Dominican and I wanted to know a little bit more about where my great-grandparents came from,” he said.

Through DNA genetic testing, he found his extended family.

“It’s pretty cool because it’ll show me second cousins, first cousins, uncles, aunts,” he said.

Bautista works in cyber security and when he heard about the 23andMe data breach, his concerns began brewing on what hackers could do with access to a copy of his DNA.

“It’s my DNA. I’m the only Hyram Bautista, and so it is a little bit weird that somebody in the world has that information about me. But all I can do is hope that, you know, the people that have this information aren’t using it for mal intentions,” he said.

According to the biotech company, Hackers gained access to personal information from about 6.9 million users by using customers’ old passwords. The stolen data includes information such as names, how they are linked through birth years, locations and percentage of DNA shared with relatives.

“Your DNA is not changeable like your password," said Dr. Murat Kantarcioglu, a professor of computer science at the University of Texas at Dallas and an expert in health data privacy.

He says hackers accessing 23andMe biological information could target users through scams.

“In 23andMe if you have medical records, those medical records could be used now — to send you spam, phishing attacks, saying there’s this new drug trial for this disease. Would like to join us? Oh, well send us $1,000," Dr. Kantarcioglu said.

In a statement to Spectrum News 1, 23andMe said in part:

“Since detecting the incident, we emailed all customers to notify them of the investigation and are continuing to notify impacted customers, based on applicable laws. Protecting our customers’ data privacy and security remains a top priority for 23andMe, and we will continue to invest in protecting our systems and data.”

Meanwhile, Bautista hopes his data doesn’t end up in the wrong hands.

“My hope is that they would, you know, invest more into securing this information and making sure that hackers don’t come back in again,” he said.