Opinion | Someone hacked 23andMe to get our DNA | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

It was fun while it lasted. It was also probably inevitable that someone would hack 23andMe and steal our most cherished data: our DNA.

Like most of the 14 million other Americans who surrendered their saliva for DNA evaluation with 23andMe, I was mostly curious to find out whether I had any interesting ancestors or, even better, if I qualify as a minority. Like Sen. Elizabeth Warren, I had always been told I was part Native American.

Along came the genetic-testing fad, and I took the leap. What a disappointment. Except for a tiny fraction of Viking and less than 0.01 percent Somali, I’m as White as milled rice — roughly 60 percent Irish and 40 percent British. Oh, and I’m also partly Neanderthal, but then many of us are, up to 4 percent. Researchers at 23andMe put me at 2 percent. I’m also told I have more Neanderthal genotypes than 67 percent of the company’s other “customers.” But I have fewer than my half sister, a first cousin and assorted others.

Customers are, of course, what us test-tube expectorators are. We pay for a DNA analysis and regular updates about our health propensities, personality traits and other fun trivia that is only as scientifically sound or useful as the number of other customers in the sample.

In other words, new evidence of possible — always “possible” — relatives or insights into our behavioral tics become more accurate as the pool of customers expands. In the grand scheme of humanity, 14 million people is a drop in the genetic bucket. Even if it were 333 million, the U.S. population, it would be measly, given that some 8 billion people live on the planet.

Thus, I’m not sure why anyone feels enlightened when they learn, for instance, that they, like me, have a hard time getting rid of things seldom used (true) or probably don’t fear heights (false). About half the personality traits I’m supposedly more likely to have because of my DNA are way off. Nevertheless, they’re somewhat fun to consider — like reading one’s daily horoscope. Most people wouldn’t set their calendars according to a prophecy based on the alignment of stars and planets, but they might still read it.

Now, it turns out all the information we naively thought was protected is in the hands of some creep. The hacker not only figured out how to get into the 23andMe database but, in a dark twist, specifically targeted Jews. In addition to DNA findings, the database includes customers’ personal contact information, not to mention the names of their family members. For what nefarious ends the hacker may have wanted this information we can only guess with trembling hearts.

As the world reels from the savage Hamas attacks on Israel and the taking of hostages, including children, we are reminded that antisemitism is on the rise everywhere. In the past decade, here at home, the number of antisemitic incidents rose almost 500 percent, according to the Anti-Defamation League. This includes harassment, assaults and vandalism. The ADL report found a 41 percent increase in antisemitic activities on college and university campuses in 2022 as well as a shocking 49 percent increase at K-12 schools.

Social media have played an outsize role in disseminating targeted hate — and not just toward Jews. It was only a matter of time before some educated kook hacked the genetic playground to access specific groups’ personal information. In an email to its customers, 23andMe offered tips for dealing with the piracy of their privacy, such as changing passwords and using two-factor authentication. But is that enough? Other digital experts have recommended opting out of consenting to the use of your DNA for research beyond the basics — or dropping out altogether.

Of course, if people start dropping out, then the DNA tapestry unravels and it will be harder to find those long-lost cousins. My aunts used to hike through cemeteries and pore over death certificates to fill in the family tree before, which offers many of the same programs as 23andMe, though not as entertainingly. Ancestry is bridge to 23’s Candy Land.

The 23 heist reminds us how fragile our privacy is in the digital age — to the extent it exists at all. Some experts have suggested that DNA companies should be subject to rules and regulations in the Health Insurance Portability and Accountability Act, which protects individuals’ health information from unauthorized use, access and disclosure. But then, no law is an obstacle to hackers, who might never be caught. In the future, hackers won’t even be human.

At a hacker convention in 2016, a game was played called Cyber Grand Challenge, in which computers competed with each other to hack programs defended by artificial intelligence. As reported in Harvard Magazine earlier this year, “what transpired that day was a sobering glimpse of a not-too-distant future when AIs can find and exploit vulnerabilities with superhuman speed, scope, scale, and sophistication. These future AI hackers won’t be limited to computers. They will hack financial, political, and social systems in unimaginable ways — and people might not even notice until it’s too late.”

Suddenly, it doesn’t seem that important for anyone to know they are more likely than other people to itch from mosquito bites. In my case, it’s also false, or at least irrelevant. Mosquitoes apparently find me unpalatable. As for 23andMe, I’m out.


Click Here For The Original Story From This Source.

National Cyber Security