The recent bankruptcy filing by genetic testing company 23andMe has sparked serious questions, not just about the future of the business, but about what happens to the vast amount of genetic data it holds. While financial headlines focus on liquidation and restructuring, a deeper, more personal issue lurks: How safe is your most sensitive data right now? The implications for cybersecurity are vast. Millions of individuals entrusted 23andMe with their most personal information – data that, if mishandled or exposed, could lead to lifelong consequences. To stay secure, individuals and businesses need to act and be aware of why and how this matters.
Why Genetic Data Is a Prime Target for Cybercriminals
To threat actors, genetic data is more than just health-related information – it’s a comprehensive identifier. It can reveal your heritage, predispositions to disease, familial relationships, and more. And unlike a compromised password, your DNA can’t be changed.
Here’s why genetic data is so attractive to criminals:
– Identity Theft: Combined with other breached data, genetic profiles help build more complete digital identities.
– Blackmail or Manipulation: Sensitive information about health or family secrets could be exploited.
– Insurance or Employment Fraud: Some may use genetic data to commit fraud or deny services.
Potential Vulnerabilities in Times of Transition
While the 23andMe bankruptcy unfolds, concerns escalate about what might happen to its stored data. Although the likelihood of certain scenarios might seem remote, the risk isn’t zero, especially in a time of organizational instability.
Areas of potential vulnerability include:
– Inconsistent Data Handling During Transfers
– Reduced Cybersecurity Resources
– Unclear Third-Party Access
Mitigating Risk: What Individuals Can Do Now
If you’ve used 23andMe or a similar service, taking proactive steps now is critical. Here’s what you should do immediately:
- Delete Your Data from 23andMe:
– Log into your 23andMe account at https://www.23andme.com
– Navigate to Settings from your account dashboard
– Scroll down to the “Delete Your Data” section
– Follow the on-screen prompts to delete your genetic data and account information
– Confirm your request via the email sent to your registered address
– Note: Deleting your data is permanent and cannot be undone - Use Identity Monitoring Services
3. Know Your Rights
4. Rethink What You Share Moving Forward
What Organizations Should Be Doing
Companies – especially those handling sensitive data – must treat this as a wake-up call. Even if you’re not in the biotech space, the ripple effect of breaches like this extends far and wide.
Here’s what responsible organizations should prioritize:
– Security Audits and Risk Assessments
– Data Encryption
– Access Control
– Incident Response Plans
The Critical Role of MSPs
Managed Service Providers (MSPs) aren’t just behind-the-scenes support anymore, they’re essential partners in preparing businesses to defend against cyber threats. Especially during uncertain times like this, MSPs must position themselves as the go-to resource for their clients.
Here’s how MSPs can lead the charge:
– Employee Cybersecurity Training: Ongoing training is critical. Especially around handling PII and understanding what can happen if it falls into the wrong hands.
– Continuous Monitoring and Threat Detection
– Policy Guidance and Compliance
– Proactive Risk Management
Takeaways
23andMe’s bankruptcy may feel like a distant headline, but the cybersecurity risks it surfaces are close to home for millions. Whether you’re an individual concerned about your data or a business entrusted with protecting client information, the time to act is now.
At Breach Secure Now, we’re here to help you get ahead of the next data breach—not just clean up after it.
👉 Request a demo today to see how our cybersecurity training and monitoring solutions can help protect your clients, your team, and your business.
