this post was submitted on 06 Dec 2023
1338 points (99.1% liked)

Technology

59123 readers
2308 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

23andMe just sent out an email trying to trick customers into accepting a TOS change that will prevent you from suing them after they literally lost your genome ro thieves.

Do what it says in the email and email [email protected] that you do not agree with the new terms of service and opt out of arbitration.

If you have an account with them, do this right now.

Here’s an email template for what to write: https://www.patreon.com/posts/94164861

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 40 points 11 months ago (5 children)

Nobody's genome was lost. What happened was, users with weak passwords had their accounts compromised, something like less than 2,000 of them, and from those accounts, bad actors were able to access and download family tree data for something like 6.5 million accounts.

I don't really see how the data lost is actionable in any way except for the spoofed "Hey gramma! It's me! I'm in jail and I need bail money!" phone calls.

[–] [email protected] 38 points 11 months ago

From what I understand - the first action the bad actors are taking are releasing the family trees to "out" anyone with Jewish relatives.

So, just hate crimes to start.

[–] [email protected] 24 points 11 months ago (3 children)

One of the typical arguments is selling ancestry history to insurance companies, effectively handing them health data which could lead to up-pricing or rejections for customers with bad health history.

[–] [email protected] 9 points 11 months ago

That's 23andMe's end game anyways

[–] [email protected] 2 points 11 months ago

But at least the second one isn't allowed anymore. I'm not sure if the ACA addresses the first point.

[–] [email protected] 2 points 11 months ago

That is a whole different can of worms and should be illegal as well

[–] [email protected] 16 points 11 months ago (2 children)

Yes, and if my genome was stolen I'd probably be dead.

[–] [email protected] 7 points 11 months ago (1 children)

There needs to be a c/Literally lol

[–] [email protected] 0 points 11 months ago (1 children)

If you build it, maybe they'll come.

[–] [email protected] 3 points 11 months ago (1 children)
[–] [email protected] 3 points 11 months ago

I already came. And I will certainly come again!

[–] [email protected] 6 points 11 months ago

We can rebuild you. We have the technology.

[–] [email protected] 7 points 11 months ago (2 children)

I don't really see how the data lost is actionable in any way

Agreed unfortunately. An important thing in US law that people often don't know is that in most cases, you need to prove that you were damaged in some way. Unless the company broke a specific law, you probably just have to accept it until you have problems relating to identity theft. And even when that happens, you'd still need to prove that the the attacker used the lost 23andMe data.

I personally don't understand why people use these services in the first place. Let's all let some private company that we know nothing about build an absolutely massive database of people's DNA. And let's voluntarily do it and even pay them for that "service". Sure, that sounds like a good idea. What could possibly go wrong? Hope your minor curiosity was worth the massive privacy invasion.

[–] [email protected] 7 points 11 months ago (1 children)

I personally don't understand why people use these services in the first place.

In my case, I went through 23 and Me because 75% of my DNA comes from sources unknown. No idea who my father was or my maternal grandfather. So being able to fill in those gaps as well as helping to determine medical risk has been very useful.

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago)

helping to determine medical risk has been very useful.

Thank to the American healthcare system's lobbyists, if a company sequences your DNA, they can't give you information related to health.

Which is why 23andme has a fraction of the stuff they used to.

I paid $5 to a third party to take my raw 23andme data and output a very nice html file (not online, in a zip file) that checks against common mutations for all types of shit. Not sure if they're still around, but they automatically delete your data once the HTML is sent out, if I want it again I don't have to pay again, but I do have to send them the raw data because they don't have it anymore.

Because they didn't sequence it, they can give me all the information without having to be a "healthcare provider" like 23andme would need to be to tell me the same info

[–] [email protected] 4 points 11 months ago

Building a massive collection of DNA is a really good thing from a research standpoint. Plus, it's helping solve a bunch of murder cold cases.