DNA Test Kits & Privacy: It's Worse Than You Think
Ғылым және технология
These DNA testing kits may sound "fun," but as the recent 23andMe hack reveals, there's a hidden danger most people ignore. Here's the truth behind this unregulated industry, how easily they can be hacked and what you can do about it - even if you've already taken a test.
▶ Learn about the 23andMe hack: edition.cnn.com/2023/12/05/te...
▶ How to Delete Your 23andMe account: customercare.23andme.com/hc/e...
If you care about your personal security and privacy online, download my free security checklist here:
✅ Security Checklist: www.allthingssecured.com/secu...
🔹🔹What to Watch Next🔹🔹🔹
We've got even more practical privacy- and security-related content here on the All Things Secured KZread channel. If you're wanting to strengthen your online cybersecurity, here's what's next:
✅ How to Setup and Use a Password Manager: • ULTIMATE Password Mana...
✅ Privacy & Security Changes You MUST Make: • Privacy & Security Cha...
✅ Free Security Tools Everybody Should Use: • FREE Security Tools EV...
🔹🔹Support All Things Secured (Recommended)🔹🔹
If you enjoy this kind of practical security and privacy content, one of the best ways you can help support this channel is by using these affiliate links to our favorite products and services. When purchasing through these links, you not only get the best available deal, the companies will also pay us a small commission. Thank you for your support!
✅ Recommended Password Manager: www.allthingssecured.com/yt/1...
✅ Recommended Identity Monitoring: www.allthingssecured.com/try/...
✅ Recommended 2FA Security Key: www.allthingssecured.com/yt/y...
✅ Recommended Secure Email: www.allthingssecured.com/try/...
✅ Recommended VPN: www.allthingssecured.com/try/...
*********************
Video Timestamps
*********************
0:00 - 23andMe was Hacked
1:08 - Quick History of DNA Testing
1:44 - DNA Companies aren't Healthcare Providers
2:13 - How 23andMe Got Hacked
3:23 - Legitimate Genetic Testing
4:19 - Should You Take a Consumer DNA Test?
4:48 - How to Delete Your 23andMe Profile
*********************
DNA testing company 23andMe confirmed in December 2023 that the DNA data for over 7 million accounts was compromised in a recent hack. This puts a spotlight on a growing industry that is mostly unregulated, particularly in the way they collect and store consumer data. So what does that mean for you and your privacy?
#privacy #dnatest #23andme
Пікірлер: 153
Have you or one of your friends/relatives ever taken one of these DNA ancestry tests? What was your overall impression?
@REVNUMANEWBERN
5 ай бұрын
Nothing like giving you medical profile away
@Miller1398
5 ай бұрын
I did one thru National Geographic. They explained the results which basically say that the ethnic/country origin info for people of European origin is meaningless. Being one quarter Scandinavian doesn't mean you have an ancestor that came to America from Scandinavia. Europeans are such mixed up mutts from centuries of migration as recently as the last century that the results are meaningless. There are people on the internet who sent samples to other testing sites from twins and got significantly different results between twins
@Music-gw4qf
5 ай бұрын
lol Nope
@trumpetplyrmatt
5 ай бұрын
Nope. I refuse to take tests like this. I tell everyone to stay away from them. I don’t want anyone using my DNA for anything.
@specialk9999
5 ай бұрын
Nope, the whole DNA ancestry testing sounds sketchy.
It's alarming how little this industry is regulated. WIth DNA becoming more significant with each passing year (biometrics, govt ID, law enforcement, etc.), putting your DNA in the hands of these companies is crazy.
@AllThingsSecured
5 ай бұрын
Agreed.
@BillAnt
Ай бұрын
@@AllThingsSecured- When you see an identical Josh clone walking by you, you'll know for sure they got hacked. lol
You've totally ignored the benefits of testing for folks who were adopted or separated from family for other reasons and are looking to connect with their blood relatives. I spent 46 years searching for my biological relatives following adoption. After submitting my DNA to Ancestry, I found my birth mother within a year, and my birth father shortly thereafter. DNA testing is a real blessing for a great many people.
@mlordwhiteslayerfromf.u.g
4 ай бұрын
It's great until insurance providers start discriminating against people based on their genetic information.
@lesleywilliams1210
29 күн бұрын
Yes, and if I hadn’t tested, one such family riddle would not have been solved for another user. Whereas we can use pseudonyms, have a substitute date of birth, and used a password manager etc.
There are not enough legal or data security precautions in place for me to do this type of analysis. Maybe one day when laws change and data security improves I will do this but I doubt that is any time soon.
@AllThingsSecured
5 ай бұрын
I doubt that as well.
It's amazing how many recommendations have popped up since I watched this video, of channels covering this DNA topic, and the dangers involved.
I took a Whole Genome Sequencing DNA test 3 years ago. A Whole Genome Sequencing DNA test examines your entire genome, not just the 0.1% like Ancestry, 23andMe, and MyHearitage does. The Whole Genome Sequencing DNA test was $399.00 when I took it. Anyway, I loved my ancestry results from my Whole Genome Sequencing DNA test , but I deleted my account a month ago, since data breaches are so common these days. But before I deleted my Whole Genome Sequencing DNA account, I saved my ancestry results and had them hanging on the wall in my bedroom. No more DNA tests for me.
@MsPeabody1231
3 ай бұрын
They may still have your data. Depending on the countries the company works in deletion just means they can't use your data for commercial purposes. It doesn't mean they can't keep your data for a few years or forever.
@drunkensquirrel7545
3 ай бұрын
I regret buying that kit on a whim 1.5yrs ago. Now I'm glad I never got around to using it. I guess procrastion runs in my family.
More Government is not the answer. Government is or will become the biggest breach of your privacy.
@AllThingsSecured
5 ай бұрын
Very true.
@trumpetplyrmatt
5 ай бұрын
They already have unfortunately
@coweatsman
2 ай бұрын
Government can use corporations as a cover of deniability. In fact corporations are worse than governments.
Thank you very much for such an informative video, I really appreciate it!
I was aware of this before I did it, I was still curious.
Never will do such an analysis. They will use it against me.
@INGIE32
5 ай бұрын
Same
@AllThingsSecured
5 ай бұрын
Who is "they"?
@ikust007
5 ай бұрын
@@AllThingsSecured when sold on black market , any insurance company .
@katlehomoletsane9480
2 ай бұрын
@@AllThingsSecuredWho isn't 'they'?
@MalevolentMessiah
2 ай бұрын
@@AllThingsSecuredthe small hats
That’s just, like, your opinion man.
I think paternity testing is very important because all people make mistakes whether big or small ones. As far as my origin: I am a human and this is the most important thing here.
Truly fascinating and worrying. The thin end of the wedge in due course, I fear. Thank you.
@AllThingsSecured
5 ай бұрын
Thanks for watching and commenting!
@SpiritintheSky.
5 ай бұрын
Thank you very much, sir. Yet more evidence that our intimate lives are up for grabs, to add to the mass of facts used by others to make money without paying a royalty! @@AllThingsSecured
The DNA information would be extremely useful if someone were wanting to build a specific virus to target another countries population.
@AllThingsSecured
5 ай бұрын
Ouch
@Music-gw4qf
5 ай бұрын
like Ai
@shotelco
5 ай бұрын
That would be the *CRISPR/Cas9* system that is used to make permanent alterations - in Vivo (performed or taking place in a living organism) - in human genes at the genetic level, that is also capable of being passed on to children. CRISPR/Cas9 is adapted from a _Naturally Occurring_ genome editing system that bacteria use as an immune defense. This technology is nothing new, and generalized DNA data isn't required.
@Lybrel
5 ай бұрын
The hacked information was bought by someone in China so there's that.
@damonroberts7372
5 ай бұрын
Not so much, although I understand this is a common fear. It can be difficult for people to understand, but there is much more genetic diversity _within_ human populations than there is genetic diversity _between_ human populations... and our species as a whole is not very genetically diverse (all humans alive are about 99.9% genetically identical). The "racial identifiers" that people people make a big deal about, like facial features or skin colour, don't make useful targets for viruses. Cell surface antigens do, and they're not racially specific. If I needed a kidney transplant, it wouldn't matter what "race" the donor was, or which continent/s their ancestors came from.
Thanks to your video and the recent breach I've finally deleted my data. But I'm still worried that I've left it too late and they've already sold backup copies to other companies.😕 If this is the case, then it's probably out of 23andme's control, is that right?
@AllThingsSecured
5 ай бұрын
If they sold it then yes. But I don’t think their privacy policy would have allowed them to sell that data.
That’s not really 23andMe‘s fault, especially with passwords the User is responsible for choosing a secure one, and then after it the Company is responsible for securing the database and using best practices to secure you. Security is only as strong as it’s weakest link and when an end user is not willing to invest in a secure and especially unique password then it’s basically their fault. You can force someone to use 2FA or Fido2 or a 60 character password, but you should give the user always the choice and possibly to use as much security features as possible. And it’s not that they didn’t offer 2FA, in this case it was just the fault of the users.
@liverleef
4 ай бұрын
Yup, not 23andmes fault. My facebook acct got hacked because I was using the same login as my Linkedin acct. Clearly Linkedin could have done some things better but I could have prevented what happened to me and I bare the blame. Always use 2FA when possible, always use complex passwords and do not reuse passwords. Lesson learned
Thank you I was about to order mine
I did the 23 and I couldn't get back into my own account. Then they were hacked.. They wouldn't give me my own info for login. so why couldn't they give me my own information? The address didn't change. I Just don't know the email. Or password. I saved it to another phone used to get the kits for Christmas.
When I read that they could do whatever they wanted with your information I knew I would never be doing one. The last thing I need is to have to single-handedly defeat a clone army of incredibly handsome, strong and smart warriors.
@AllThingsSecured
5 ай бұрын
Hahahaha!
the ceo of 23and me Anne Wojcicki is the sister of former youtube CEO Susan Wojcicki. also Anne is married to Sergey Brin, Google co-founder. .
@AllThingsSecured
5 ай бұрын
Wow...I had no idea. That's crazy.
I have been recently tempted by these tests and was even looking at some of the online discounts yesterday. Glad I saw this video before going through with it!
@AllThingsSecured
5 ай бұрын
I'm glad you did as well!
Thank you
@AllThingsSecured
5 ай бұрын
🙏
Knew something was sus when the test kit I bought mailed all the way from Israel to Australia, but was too late since I paid for the kit through my heritage already… did find out I’m 9.8%italian though lol
@AllThingsSecured
5 ай бұрын
Congratulations! 😂
@Mazokn
5 ай бұрын
@@AllThingsSecured Probably one of my ancestors got knocked up by a pizza delivery guy in Xinjiang 100 years ago🤣
4:29 thank you for this. I just purchased this. And I’m going to throw it away
23 and me had a Sign in with Apple option.
@AllThingsSecured
5 ай бұрын
Really? I didn't know that.
That's why a lot of my friends refuse to take one of these tests
Never! When law enforcement needs a warrant for your DNA and people give their most personal identifier away for free is crazy.
I wonder why if someone has 0.5 American Indian it shows yellow ( like it's suppose to) in the North Americas but if you have 0.4 African and it HIDES it in the gray & does not color in those parts of Africa. Is 0.1% a difference or is the CEO prejudice? I had wondered this
Glad i never did this
@AllThingsSecured
5 ай бұрын
You and me both.
I did one with ancestrydna years ago I regret it so badly
When these tests first became available, I was very curious to try them out. That is until I read the fine print about them retaining your DNA information. I will never willingly put my biological data into any database. I wish that I never allowed myself to be fingerprinted 40 years ago when I got one of my first jobs in security. Nope, I have nothing to hide, but who knows, someday I might :)
@AllThingsSecured
5 ай бұрын
Privacy is something which - once given away - can never be taken back again.
I have a 23AndMe account which I will keep. My passwords are long, random character strings, solid, generated by password manager, passwords.
In other worlds, about 1 in 500 used the same password as a breach. So, 1 user compromised 499 other users, do we really think that level of password security is going to happen for even all 100 users. How many people subscribe to a password managers, or add MFA, yeah, the PSA still requires action by people, and given car crashes occur daily, odds of dying are 1 in 107, according to the National Safety Council of America, likely due to some issues, good luck getting all users passwords to be unique everywhere. Secure by design is needed years ago.
Love the channel, but unless I missed something, 23 and Me didn't get hacked, a bunch of their users did due to security laziness and bad practices. That said, I bought a kit from them years ago and then said, "nope, not going to do it," for reasons mentioned here. I called them and they refunded my money minus something like $25 for the cost of the kit, so people aren't necessarily out the entire fee if they make a phone call. Not sure if this is still their policy but worth trying. Keep up the videos, I enjoy them! Posting from an alter ego :)
@AllThingsSecured
5 ай бұрын
Thanks for the comment! And to a degree I think you're right - it was the users who got hacked - but in this day and age a company like 23andMe should require some kind of 2FA security and if hackers do get in, they shouldn't be able to access 7 million DNA profiles from just 14,000 hacked accounts. Something is wrong with 23andMe for that to happen.
Are we just going to ignore how Mr. Pitchfork looks like Josh's older brother?!
@AllThingsSecured
5 ай бұрын
Ha...I was hoping you wouldn't notice.
HUM, .......... you know what happens when auto insurance rates or lack of coverage is based on a DATABASE of your driving records LOL
@AllThingsSecured
5 ай бұрын
It really depends on your driving habits :)
This doesn’t make any sense. If somebody uses my stolen credentials to log into my bank account, they don’t get to see all the other customer’s accounts at the bank. Do 23andMe members get to see other users data? Otherwise, they must have hacked into a database to get all that information.
@MsPeabody1231
3 ай бұрын
They get to see family matches. People leave their birth date, full name and location available on the site for others to connect to. This can then be linked to other sites and data e.g. social media. People don't realise you don't have to give out this personal information on any site. So you can use some initials or fake name, give an approximate date of birth and another/wider location.
how are password managers safer its created on line correct if so then it cant be safer maybe from humans but not ai
@lussor1
5 ай бұрын
???????
@AllThingsSecured
5 ай бұрын
Do some research on password managers then come back.
@a1isrising
5 ай бұрын
@@AllThingsSecured ok i will as im not tech savvy so my comment may come as ignorant to you but i just think if its on a device or online its already comprimised also looking forward to your live stream coming up soon thanks for all the info
@spirit.canada
5 ай бұрын
Although Password managers save your passwords online, they do that by creating an encrypted vault that only you have a key to it. They also allow you to create a very complicated and unique password for each website that you don't need to remember. On op of that, they support multifactor authentication such as yubikeys and fido2. I hope that helps.
I took one of these test with 23andme when I wasn't very privacy conscious yet, sigh. I do use a different password (and nowadays also masked email addresses) for every site but it's probably too late. I will delete my account though.
@AllThingsSecured
5 ай бұрын
Yea, it's not the end of the world. Deleting the profile is probably the best you can do.
NOOOOOOO! I must know about my Scottish roots!!! 😆 Actually, I did take a test many years ago, not with 23 and me, and long before I heard about using biometric data to target people groups. And they confirmed that yes, I AM almost half Scottish. Of course, most of the rest of me is English! So basically I’m a descendant of two nations that hate each other. 😂 On a serious note, I don’t know about the ethnic minorities, but I’m guessing that most of the Caucasian population of the U.S. has many ethnicities in their background. How would knowing that help another country attack the U.S. with directed bioweapons? Seems like it wouldn’t be very directed. I’m asking a serious question; I’m not saying it can’t be done. Maybe I’m not thinking evil enough.
@AllThingsSecured
5 ай бұрын
Haha! Thanks for the comment. I don't think knowing that would help another country attack the US - that wasn't my point. As far as China is concerned, I was just making a joke about how they gather all this intel in secret and here in the US we just tell people to pay to send in their DNA samples :)
this wouldn't have been this big of a problem if people stopped using the same password everywhere.
@AllThingsSecured
5 ай бұрын
That is a problem, to be sure.
A seldom discussed problem with these things is disclosure by proxy. Say , for example, my sister gets deeply into this and provides DNA samples, she also traces OUR family tree and discloses information about me and my children without my knowledge.
@Miller1398
5 ай бұрын
And is she disclosing the truth or family lore? I traced my ancestry using census/birth records/etc and found family lore that was wrong. A relative has posted the lore even when shown the records. I am not related to some of the people they say I am
@jbrock8596
5 ай бұрын
Exactly right. Even if you and I don't choose to participate, a lot of information can be put out there about us without our knowledge or even consent.
@AllThingsSecured
5 ай бұрын
Yea, it's unfortunate that you don't have to consent.
@jim4859
5 ай бұрын
that was an example. I'm mostly considered a curmudgeon who refuses to be in family pictures because they get shared on the Internet.
LMFAO; this new tickles my heart. the government isn't gonna put an end to the practice or regulate it but one could dream
@AllThingsSecured
5 ай бұрын
Who knows... :)
👍🏻
@AllThingsSecured
5 ай бұрын
🙏
I don't like when you go for a physical and the next thing is we need to draw blood 😮. NO! How do you know if it's not one of those companies doing the testing of your blood 🤔! My sister was going to until she learned how they use it and it pretty much belongs to them for every.
@AllThingsSecured
5 ай бұрын
I think it's different when you're dealing with a hospital and a licensed doctor, FYI.
@alpheendomination
Ай бұрын
If you request that they destroy your sample and data, they will. Even if they didn't, that would go against the data protection act. People act like these companies are not restrained by any laws, but they are.
Pitchfork😂🤔😭🙃😁
The way that this video describes it, 23&Me was hacked. But then in your explanation you simply state that passwords stolen elsewhere were utilised directly. That's not hacking that's simply re-using what was left lying around. It's garden variety unauthorised access. Is there something else I'm missing here? Was 23&Me actually breached by unauthorised actors or did those actors in fact have valid credentials obtained from systems not owned by 23&Me?
@alpheendomination
Ай бұрын
No they weren't, they were not hacked, there was no data breach on their behalf. This happens all the time on much smaller scales and cannot be prevented.
First comment ❤
@AllThingsSecured
5 ай бұрын
Congrats
@yuvarajy7111
5 ай бұрын
@@AllThingsSecured bro since past 3 videos am the am guy who replies to your video give me anything 😭 Can you give me Nord vpn for 1yr free
Algorithm.
@AllThingsSecured
5 ай бұрын
Thanks for watching.
@MikeHunt-rw4gf
5 ай бұрын
@@AllThingsSecured You're welcome.
You have to be out of your mind to actually pay to give your DNA to these companies. I protect my DNA so much that I wouldn’t even give it for a paternity test .
@AllThingsSecured
5 ай бұрын
While I agree, that doesn’t take away from the fact that millions and millions of people have done it.
@alpheendomination
Ай бұрын
I can guarantee you give up far more of your information, lots without even realising
@CANCELMEE
Ай бұрын
@@alpheendomination the post office don’t even have my address, trust me if I give out information I’m aware and aloud it .
@alpheendomination
Ай бұрын
@@CANCELMEE Are you aware of how much information your search engine is keeping on you?
@CANCELMEE
Ай бұрын
@@alpheendomination no I’m just freely roaming the internet without a care in the world
lol Nope
@AllThingsSecured
5 ай бұрын
Good for you :)
Bs, always blaming the consumer. Someone using the same password on 2 or 3 sites dont equal a major hack like that.
@AllThingsSecured
5 ай бұрын
When did I say it was the customer's fault?