The Era of DNA Database Hacks Is Here

A major data breach shows genetic information is vulnerable to attack

Emily Mullin
OneZero

--

A close up of a gloved hand holding up a DNA autoradiogram next to a petri dish to illustrate genetic research.
Photo: Tek Image/Science Photo Library/Getty Images

On the morning of July 19, hackers accessed the online DNA database GEDmatch and temporarily allowed police to search the profiles of more than 1 million users that were previously not accessible to law enforcement. GEDmatch is a genealogy tool that allows users to upload their DNA profiles generated from genetic testing services like 23andMe, Ancestry, and MyHeritage and search for relatives.

It took three hours until GEDmatch became aware of the breach and pulled the site offline completely. Users have to give permission for their profiles to be included in police searches, but the breach overrode privacy settings and made user profiles on the site visible to all other users, including law enforcement officials who use the site.

“Our banks are always being probed, our DNA will probably be probed, too.”

The breach is likely to erode users’ trust in the database, which has become a valuable law enforcement tool for solving cold cases, like the high-profile Golden State Killer case. It may also be a sign of what’s to come: more attempted hackings of DNA databases, which contain a wealth of extremely personal information, like family…

--

--

Emily Mullin
OneZero

Former staff writer at Medium, where I covered biotech, genetics, and Covid-19 for OneZero, Future Human, Elemental, and the Coronavirus Blog.