- cross-posted to:
- news@hexbear.net
- hackernews@derp.foo
- cross-posted to:
- news@hexbear.net
- hackernews@derp.foo
Drugmakers Are Set to Pay 23andMe Millions to Access Consumer DNA::GSK will pay the DNA testing company $20 million for non-exclusive access to genetic data.
True, but I think the shady thing is that the data transmission is framed as “Research Participation” - which sounds a lot better than “allow us to sell your data to other companies and institutions.”
It’s understandable they phrase it like that when themselves are the main consumer of this data for their own research. I fail to see any shady behavior from their part here whatsoever. Regarding 23andMe, I’m vastly more concerned with the data leak episode they had recently and what they’re doing to prevent a future episode like this.
It wasn’t a data leak. It was an authorization incursion brought on by users using the same username/email and password combo on other sites that had been compromised. If people don’t have 2FA enabled for these accounts, then it’s on them. There’s literally nothing that 23andme can do about a situation like that when unauthorized users have both the email and password for an account without 2FA. They might have been able to force 2FA on accounts but it’s too late for that when other accounts are compromised.
ah that’s right, my bad. I remember not being sure if the credential reuse thing was 23andMe trying to downplay the attack, but it seems to really be the case. Not much to worry then.