Genetic testing is a popular way to learn more about your ancestry, health, and traits. But did you know that your genetic data can also be stolen by hackers? In this blog post, we will share some tips from Bondgate IT, a leading provider of IT solutions and cybersecurity services in the north east of the UK, on how to protect your genetic data from hackers and unauthorised access.
Why is genetic data valuable and vulnerable?
Genetic data is sensitive and personal information that can reveal a lot about you and your family. It can also be valuable and attractive to hackers and other parties who may want to exploit it for malicious or commercial purposes.
For example, hackers may use your genetic data to:
- Blackmail or extort you. Hackers may threaten to expose your genetic data or use it to blackmail you for money or other favors. For instance, they may claim that they have evidence of your infidelity, health condition, or criminal history based on your DNA.
- Steal your identity. Hackers may use your genetic data to impersonate you or create fake identities for fraud or other crimes. For instance, they may use your DNA to bypass biometric security systems or access your medical records or insurance benefits.
- Discriminate against you. Hackers may use your genetic data to discriminate against you or harm your reputation. For instance, they may use your DNA to reveal your ethnicity, religion, or political affiliation and target you for hate crimes or harassment.
- Sell your data. Hackers may sell your genetic data to third parties who may use it for various purposes. For instance, they may sell your DNA to advertisers who may use it to target you with personalised ads or products based on your traits or preferences.
Your genetic data is vulnerable because it is often stored online by various services or platforms that offer genetic testing or genealogy. These services or platforms may not have adequate security measures or privacy policies to protect your data from hackers or unauthorised access.
For example, in recent incidents:
- Data from a subset of 23andMe users was compromised by attackers who guessed their login credentials and scraped their information from a feature called DNA Relatives. The hackers then posted and sold the data on a platform called BreachForums, claiming that it contained information about celebrities and ethnic groups.
- A hacker accessed the database of MyHeritage, another genetic testing company, and stole the email addresses and hashed passwords of 92 million users.
- A Florida detective obtained a warrant to search the entire database of GEDmatch, a genealogy service that allows users to upload their DNA data and find relatives. The warrant raised privacy concerns among users who had not consented to share their data with law enforcement.
How can you protect your data from hackers?
To protect your genetic data from hackers and unauthorized access, you should follow these tips from Bondgate IT:
- Use strong and unique passwords. One of the most common ways that hackers break into accounts is by using credentials that have been exposed in other data breaches. This is known as credential stuffing. To prevent this, you should use a strong and unique password for each account that you have. A strong password should be at least 12 characters long, include upper- and lower-case letters, numbers, and symbols, and avoid common words or phrases. A unique password means that you do not use the same password for multiple accounts or services. You can use a password manager to generate and store your passwords securely.
- Enable multi-factor authentication (MFA). Another way to enhance the security of your accounts is by enabling multi-factor authentication (MFA), also known as two-factor authentication (2FA). This means that you need to provide an additional piece of information or verification, such as a code sent to your phone or email, or a biometric factor like your fingerprint or face, to log in to your account. This adds an extra layer of protection in case your password is compromised. Many online services offer MFA as an option in their settings. You should enable it whenever possible.
- Review your privacy settings. Before you share your data with any service or platform, you should review their privacy policies and settings. You should understand how they collect, store, use, and share your data, and what rights and choices you have regarding your data. You should also opt out of any features or programs that you are not comfortable with or that are not necessary for your purposes. For example, 23andMe has a feature called DNA Relatives that allows users to find and connect with other users who share DNA with them. Users can opt in or out of this feature at any time. If you opt in, you should be aware that your data may be visible to other users who may be related to you or not.
- Delete your data if you no longer need it. If you have used a genetic testing service or platform and you no longer need or want your data to be stored there, you should delete it as soon as possible. This will reduce the risk of your data being exposed or accessed by hackers or unauthorised parties in the future. You should also delete any copies of your data that you have downloaded or uploaded elsewhere. You should check the terms and conditions of the service or platform to see how you can delete your data and whether they will retain any copies of it.
Your data is sensitive and personal information that can reveal a lot about you and your family. It can also be valuable and attractive to hackers and other parties who may want to exploit it for malicious or commercial purposes.
By following these tips from Bondgate IT, you can protect your genetic data from hackers and enjoy the benefits of genetic testing without compromising your privacy and security.
If you need any help or advice on how to protect your data or any other IT or cybersecurity issues, please contact us at Bondgate IT. We are an award winning leading provider of IT solutions and cybersecurity services based in Darlington in the North East of the UK, with over 25 years of experience and expertise. We can help you with:
- IT support and consultancy
- Cloud services and solutions
- Cybersecurity and compliance
- Data backup and recovery
- Hardware and software
- And more
We are here to help you with all your IT and cybersecurity needs. Contact us today for a free consultation and quote.