this post was submitted on 06 Dec 2023
1337 points (99.1% liked)
Technology
59709 readers
1866 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Nobody's genome was lost. What happened was, users with weak passwords had their accounts compromised, something like less than 2,000 of them, and from those accounts, bad actors were able to access and download family tree data for something like 6.5 million accounts.
I don't really see how the data lost is actionable in any way except for the spoofed "Hey gramma! It's me! I'm in jail and I need bail money!" phone calls.
From what I understand - the first action the bad actors are taking are releasing the family trees to "out" anyone with Jewish relatives.
So, just hate crimes to start.
One of the typical arguments is selling ancestry history to insurance companies, effectively handing them health data which could lead to up-pricing or rejections for customers with bad health history.
That's 23andMe's end game anyways
That is a whole different can of worms and should be illegal as well
But at least the second one isn't allowed anymore. I'm not sure if the ACA addresses the first point.
Yes, and if my genome was stolen I'd probably be dead.
There needs to be a c/Literally lol
If you build it, maybe they'll come.
I already came. And I will certainly come again!
We can rebuild you. We have the technology.
Agreed unfortunately. An important thing in US law that people often don't know is that in most cases, you need to prove that you were damaged in some way. Unless the company broke a specific law, you probably just have to accept it until you have problems relating to identity theft. And even when that happens, you'd still need to prove that the the attacker used the lost 23andMe data.
I personally don't understand why people use these services in the first place. Let's all let some private company that we know nothing about build an absolutely massive database of people's DNA. And let's voluntarily do it and even pay them for that "service". Sure, that sounds like a good idea. What could possibly go wrong? Hope your minor curiosity was worth the massive privacy invasion.
In my case, I went through 23 and Me because 75% of my DNA comes from sources unknown. No idea who my father was or my maternal grandfather. So being able to fill in those gaps as well as helping to determine medical risk has been very useful.
Thank to the American healthcare system's lobbyists, if a company sequences your DNA, they can't give you information related to health.
Which is why 23andme has a fraction of the stuff they used to.
I paid $5 to a third party to take my raw 23andme data and output a very nice html file (not online, in a zip file) that checks against common mutations for all types of shit. Not sure if they're still around, but they automatically delete your data once the HTML is sent out, if I want it again I don't have to pay again, but I do have to send them the raw data because they don't have it anymore.
Because they didn't sequence it, they can give me all the information without having to be a "healthcare provider" like 23andme would need to be to tell me the same info
Building a massive collection of DNA is a really good thing from a research standpoint. Plus, it's helping solve a bunch of murder cold cases.
What does this even mean?
I guess what I meant:
I'm not trying to be annoying. I genuinely believe you are trying to say something important but I just don't understand what you mean.