Snippet: Why a DNA Data Breach is Much Worse Than a Credit Card Leak ☍

Angela Chen for The Verge:

This week, DNA testing service MyHeritage revealed that hackers had breached 92 million of its accounts. Though the hackers only accessed encrypted emails and passwords — so they never reached the actual genetic data — there’s no question that this type of hack will happen more frequently as consumer genetic testing becomes more and more popular. So why would hackers want DNA information specifically? And what are the implications of a big DNA breach? […]

As the Equifax hack last year showed, there’s a lack of legislation governing what happens to data from a breach. And ultimately, a breach of genetic data is much more serious than most credit breaches. Genetic information is immutable: Vigna points out that it’s possible to change credit card numbers or even addresses, but genetic information cannot be changed. And genetic information is often shared involuntarily. “Even if I don’t use 23andMe, I have cousins who did, so effectively I may be genetically searchable,” says Ram. In one case, an identical twin having her genetic data sequenced created a tricky situation for her sister.

When all these “send us your DNA and we’ll tell you about yourself” services popped up, I was skeptical for a number of reasons, one being the overall lack of concern as a culture for any kind of data breaches. While leaked credit card information is frustrating, my issuers have been good about getting me replacements and not holding me liable. Social security numbers and now DNA are much more permanent and the Equifax hack has proven that nobody seems to care if your social security number is out there. Why would DNA be any different?