[ad_1]
The info watchdogs of the UK and Canada will examine genetic testing firm 23andMe over an information breach in October 2023.
Hackers gained entry to private info of 6.9 million folks, which in some circumstances included household timber, delivery years and geographic places, through the use of clients’ previous passwords.
One of many issues the joint taskforce will examine is whether or not ample safeguards had been put in place to guard such knowledge.
“We intend to cooperate with these regulators’ affordable requests,” 23andMe stated in a press release.
The info stolen in October didn’t embody DNA information.
23andMe is a huge of the rising ancestor-tracing business, providing genetic testing from DNA, with ancestry breakdown and personalised well being insights.
The corporate was not hacked itself – however fairly criminals logged into about 14,000 particular person accounts, or 0.1% of shoppers, through the use of e mail and password particulars beforehand uncovered in different hacks.
The criminals downloaded not simply the information from these accounts however the non-public info of all different customers they’d hyperlinks to throughout the household timber on the web site.
On the time, 23andMe stated it knowledgeable affected clients and made them change their passwords and replace account safety.
In accordance with the UK Info Commissioner’s Workplace (ICO), the information saved by 23andMe “can reveal details about a person and their relations, together with about their well being, ethnicity, and organic relationships”.
It stated this implies it’s “important” for the general public to belief the service.
The joint investigation between the information watchdogs will take a look at the dimensions of the hack and its potential hurt to customers in addition to whether or not ample safeguards had been in place.
It should additionally look into how 23andMe reported the breach, and if the agency adopted the proper processes within the UK and Canada.
“Within the mistaken arms, a person’s genetic info may very well be misused for surveillance or discrimination,” stated Canada privateness commissioner Philippe Dufresene.
[ad_2]
Source
