Curious about your ancestry? Or looking for early warning signs of health issues that might be prevented? If so, you may have elected to have your DNA analyzed by a company that can provide those answers. But what happens if that company gets hacked?
It’s already happened to the genetic testing company 23andMe, which revealed that almost 7 million people were impacted by a security breach. The hackers obtained DNA ancestry data, as well as files containing other personal profile information on its clients. And because part of the ancestry service includes the creation of a “family tree” with all of the applicant’s relatives, some of their private information was accessible as well.
Soon after, profiles of those impacted were being sold on the dark web for anywhere from $1 to $10 per account.
What Can You Do?
Not much – at least after the fact. Any information shared online is always going to be vulnerable to hacks.
The best you can do is limit the damage that may be caused when someone obtains a few personal details about you and tries to build a more complete profile, that they can use in a phishing attack or identity theft attempt. These include masking your cell phone number with a VoIP number, using security emails for most online activity instead of your real email address, and hiding your online browsing and search activity with NordVPN.
All of these services are provided to our Premium clients, and can be acquired a la carte by our Basic clients.
Also, change your passwords often. It’s annoying, yes, but it also makes them more difficult for scammers to acquire.
Use extra caution before clicking on any email link – even if the email appears to come from someone you know. If anything seems fishy about it, take a moment and verify that it is authentic. Be especially vigilant with any work email accounts, as these will be the ones most susceptible to phishing.
Every System is Vulnerable to Ransomware
We can’t stop incidents like what happened to 23andMe at the source, but we can make sure that the individuals and organizations under our protection are spared the worst of the repercussions.
Here’s what happens in a typical ransomware situation: hackers sell the information they’ve collected to anyone who wants to buy it. If it’s acquired by someone who can put that information together with other content where personal information may reside, such as government records, school records, or loyalty clubs where you dine out or shop, it will be used for a never-ending barrage of scams and other attempts to hack accounts and steal money.
However, our clients have already been removed from those other databases, so even after a ransomware attack the ultimate harm to anyone with online privacy protection can be significantly reduced. As always, the less scammers know about you, the safer you are.
Monitoring the internet for privacy violations is a full-time job – and you already have one of those. But IronWall360 is on the case. Whether it’s a result of ransomware, sites that specialize in selling data, or a club or group that is not aware it could be putting some of its members in danger, we’ll make sure that content comes down – whatever it takes.