The opinions expressed by columnists are their own and do not represent our advertisers

Wednesday, July 10, 2019

DNA-testing service exposed thousands of customer records online

DNA-testing service Vitagene Inc. left thousands of client health reports exposed online for years, the kind of incident that privacy advocates have warned about as gene testing has become increasingly popular.

More than 3,000 user files remained accessible to the public on Amazon Web Services cloud-computer servers until July 1, when Vitagene was notified of the issue and shut down external access to the sensitive personal information, according to documents obtained by Bloomberg. The genealogy reports included customers’ full names alongside dates of birth and gene-based health information, such as their likelihood of developing certain medical conditions, a review of the documents showed.

Vitagene said that the files dated from when the company was in “beta” testing and represented a small fraction of its customer base.

“We immediately opened an investigation and blocked access to the files,” Chief Executive Officer Mehdi Maghsoodnia said in an email. “We updated our security protocols in 2018 and have engaged an outside security firm to run external and internal penetration testing across our application.

Advocates say consumers may not understand the data privacy policies of at-home genealogy services. For example, 23andMe Inc. shares information from its clients with one of its investors, drug-maker GlaxoSmithKline Plc, to help develop new treatments and select patients for clinical trials. Law enforcement agencies have begun tapping DNA companies’ large databases to track down criminals, leading to last year’s capture of the Golden State Killer decades after the crimes. Companies also share DNA data to make a profit.



Anonymous said...

DNA TESTING stay away...

And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

Anonymous said...

5:54 - Huh??????? DNA testing saves live you idiot - almost all of the local doctor's offices are using it in some form because it helps them get ahead of little things like cancer. I tested positive for a colerectal marker and although I do not have cancer yet, I am taking steps with my doctor to stay ahead of this with an aggressive pre-treatment plan that includes significant monitoring and testing, diet, excercise, etc. The only thing that scares me about this stuff is that when companies like Quest and LabCorps have their data compromised.....anyway, go put your head back under the rock