The US genetic analysis start-up 23andMe is facing major challenges. The company was rocked by a data scandal when cyber criminals stole the data of almost seven million users. The consequences were serious: a class action lawsuit ended in a settlement that will compensate users with 30 million dollars.
Despite these problems, the users' genetic data remains accessible even after a Account deletion partially stored. This raises serious questions about the Privacy and to the Privacy on. 23andMe justifies this with legal obligations, which is further fueling the debate on the handling of sensitive genetic information.
Important findings
- Data of almost 7 million users stolen in a cyber attack
- A class action lawsuit led to a 30 million dollar settlement
- Genetic data remain even after Account deletion partially saved
- 80% of users consent to the use of their data for research purposes
- Strict rules apply to commercial genetic tests in Germany
The current status of 23andMe
The 23andMe Finances are currently facing major challenges. The company, which was once valued at six billion US dollars, is in a precarious situation.
Financial situation and stock market listing
The Stock exchange listing from 23andMe is on shaky ground. The share price has fallen to USD 0.29 - a dramatic loss in value of 98% compared to the previous valuation. This significantly jeopardizes the listing on the Nasdaq stock exchange.
Massive loss of value and management changes
The financial difficulties have led to extensive Management changes led. Seven independent members of the Management Board resigned in mid-September. Only founder Anne Wojcicki remains on the Board and is even considering delisting the company from the stock exchange.
Current valuation and future prospects
The Future prospects of 23andMe are uncertain. The company has discontinued its drug development plans and is now focusing on commercializing its database. Despite the challenges, 80%'s customers agree to use their genetic data for disease research.
| Key figure | Value |
|---|---|
| Current share price | 0.29 USD |
| Loss in value since peak valuation | 98% |
| Consent to the Data usage for research | 80% of the customers |
| Board members who have resigned | 7 |
The data scandal at 23andMe
The 23andMe data scandal shook the world of genetic testing. A Hacker attack led to the compromising of User data at the well-known DNA test provider. The consequences of this incident were far-reaching and raised serious questions about the security of genetic information.
Details of the hacker attack
The Hacker attack on 23andMe was carried out by means of a so-called credential stuffing attack. The attackers used stolen credentials to gain access to individual user accounts. This method enabled them to bypass the company's security precautions.
Affected user data
The effects of the hacker attack were serious. Almost seven million users were affected, whose sensitive genetic data were compromised. Users of Chinese and Ashkenazi Jewish origin were particularly targeted by the attackers. Their data was offered for sale on the darknet, which underlines the seriousness of the data leak.
Legal consequences and class actions
The legal consequences of the data scandal were considerable. 23andMe had to accept a compensation payment of 30 million dollars. In addition, the company was faced with numerous Class actions confronted. Criticism was voiced that 23andMe had not adequately informed the affected users about the incident. This situation highlights the need for strict data protection measures in the area of genetic testing.
23andMe genetic data account deletion
The 23andMe account deletion is a complex process that does not lead to the complete Data deletion leads. Despite the possibility of deleting the account, some genetic information received. The company continues to store certain data in order to comply with legal obligations.
With a Account deletion the following data will not be deleted:
- Genetic information
- Date of birth
- Gender
Particularly problematic is the Data deletion for research studies. Information that users have provided for previous studies will not be removed from ongoing or completed studies. This affects around 15 million customers whose DNA data could potentially be sold.
The Electronic Frontier Foundation (EFF) warns of potential data protection risks. Unlike medical professionals, 23andMe is not subject to the Health Insurance Portability and Accountability Act (HIPAA) with regard to the protection of health data.
| Risks of genetic data collection | Affected areas |
|---|---|
| Misuse of genetic data | Insurance company |
| Undesirable use | Law enforcement authorities |
| Commercial utilization | Pharmaceutical company |
The current crisis at 23andMe, triggered by a major data breach and board resignations, is leading to falling share prices and redundancies. This underscores the importance of carefully reviewing privacy policies before using genetic testing services.
Privacy policy and user rights
The 23andMe Privacy Policy are the focus of the discussion about genetic data. Users are concerned about their rights and the security of their sensitive information.
Current data protection regulations
23andMe promises not to pass on any data to insurers or employers. However, personal data could become part of transactions in the event of company restructuring. A new owner would have the option of changing the data protection guidelines.
Limits of data deletion
The Data deletion at 23andMe has its limits. Even after deleting an account, certain genetic informationdate of birth and gender are stored. This raises questions about the effectiveness of the User rights on.
Legal obligations of the company
23andMe is subject to legal obligations to protect the User data. Nevertheless, data breaches at various DNA test providers show the Risks:
| The company | Incident | Data concerned |
|---|---|---|
| 23andMe | Data breach | Personal and health-related data |
| Veritas Genetics | Unauthorized access | Customer data in the portal |
| Vitagene | Open AWS database | Names, dates of birth, genetic health information |
These incidents illustrate the need for strict Security measures and transparent communication about the Data usage.
Users should check the privacy policy carefully and know their rights. If you have any concerns, it is advisable to report them to the relevant authorities.
Research and data use
The 23andMe Research uses the extensive wealth of customer data. Over 80 percent of users consent to the use of their genetic information for scientific purposes. This enables the company to conduct numerous studies and Cooperations with the Pharmaceutical industry to enter into.
23andMe has published more than 200 studies on various diseases. The Data usage extends to partnerships with universities and pharmaceutical companies such as Pfizer. A significant agreement exists with GSK, which invested USD 300 million in 23andMe and gained access to the data pool for the development of new therapies.
According to 23andMe, the data is passed on in anonymized form. Nevertheless, experts warn of possible Risks:
- US laws do not offer comprehensive protection for genetic data
- 23andMe is not subject to the same protection standards as medical practices
- Personal data could be passed on in the event of corporate restructuring
The future of 23andMe and the consequences for customers remain uncertain. Despite the valuable research opportunities, users should Risks the use of data.
| Aspect | Details |
|---|---|
| Customer consent for research | About 80% |
| Published studies | More than 200 |
| Important cooperation | GSK (USD 300 million investment) |
| Other partners | Universities, Pfizer, Procter & Gamble |
Risks of genetic data collection
The collection of genetic data harbors considerable risks for the Privacy and safety of individuals. With over 30 million people having used consumer DNA kits, including around 10 million on 23andMe, the amount of data is constantly growing.
Identification and tracking
Genetic data enables precise identification of individuals. There are almost 200 DNA laboratories in the USA that store profiles in databases. The largest national database contains over 14 million profiles. In England and Wales, around six million profiles are stored.
Risks of discrimination
Despite the law passed in the USA in 2008 against genetic Discrimination there are still risks. Insurance companies in particular could use genetic information to discriminate. The legal gray areas in the data protection guidelines of DNA testing companies exacerbate this problem.
| Risk | Potential impact |
|---|---|
| Identification | Loss of anonymity |
| Discrimination | Disadvantage with insurance or work |
| Data misuse | Targeted advertising, manipulation |
Potential for abuse
Researcher Yaniv Erlich showed in experiments that it is possible to uncover identities from anonymized genetic data. This illustrates the potential for misuse of hacked or resold genetic data for targeted advertising or manipulation.
The immutability of genetic information increases the risk of long-term misuse. Security breaches, such as MyHeritage 2018, underline the need for stronger protection measures for sensitive genetic data.
Legal situation in Germany
Strict rules apply in Germany Legal regulations for DNA tests. The Genetic Diagnostics Act provides the framework for dealing with genetic tests. Health-related genetic tests may only be carried out by doctors. This severely restricts the possibilities for direct consumer testing.
DNA tests in Germany are officially only permitted for parentage analysis. Companies such as 23andMe do not offer their services here directly. This limits the number of German users affected. The strict regulations in Germany are in contrast to the more relaxed regulations in the USA.
Despite strict laws, interest in genetic testing is growing. AncestryDNA officially launched in Germany in 2018. The company claims to have around 10 million customers worldwide. Family Tree DNA introduced the first genetic ancestry tests in 2000.
Experts warn of data protection risks with genetic tests. Problems can arise, especially if data is stored outside the EU. The growing popularity of the tests could lead to anonymized data no longer remaining anonymous in the future.
It is important for consumers to be aware of the legal situation. The data protection guidelines should be checked carefully before a DNA test is carried out. Although the strict German laws offer protection, international providers often apply different standards.
Alternatives to 23andMe
For those interested in DNA tests, there are a number of other companies in addition to 23andMe DNA test provider. These companies offer similar services, but differ in their Data protection standards.
Available DNA test providers
To the known Alternatives to 23andMe include AncestryDNA, MyHeritage and FamilyTreeDNA. These companies specialize in genealogy and genetic health analysis. LivingDNA is another provider that focuses on the detailed analysis of European ancestry.
| Provider | Focus | Price (approx.) |
|---|---|---|
| AncestryDNA | Genealogy | 79€ |
| MyHeritage | Family history | 69€ |
| FamilyTreeDNA | Y-DNA and mtDNA tests | 79€ |
| LivingDNA | European descent | 99€ |
Comparison of data protection standards
When choosing a DNA test provider, it is important to compare the Data protection standards crucial. Some companies have had data breaches in the past, including Veritas Genetics and Vitagene. It is important to carefully review privacy policies and understand how genetic information is used and protected.
Pay particular attention to how long your data is stored and whether you retain full control over your genetic information. Some providers allow you to have the data deleted after the test, while others want to keep it for research purposes. Choose a provider whose Data protection standards meet your personal requirements.
Protective measures for genetic data
In the era of the genomic revolution, the protection of genetic information is becoming increasingly important. With over 30 million people having already used consumer DNA kits, the Privacy in focus. Privacy and Security measures are crucial for protecting sensitive genetic data.
Experts recommend reading the data protection guidelines thoroughly and using strong passphrases. Activating two-factor authentication also increases security. It is particularly important to regularly check the data sharing options. At 23andMe, around 80% of users choose to share their data for research purposes - a decision that should be carefully considered.
Despite the law against genetic Discrimination (GINA) in the USA, the risk of data misuse remains. Security incidents such as MyHeritage in 2018 show the vulnerability of genetic information. To protect privacy, experts advise data minimization and cautious use of third-party apps. In the EU, the GDPR provides a strict framework for the handling of genetic data, which requires companies to implement robust Security measures forces.
English 
Deutsch 
Español 
Français 
Polski