Your DNA is open to "Your money or your life!" ransomware.


Health IT Security (read the story here) reports that the Vitagene data on Amazon AWS was misconfigured in a yearlong data breach. Not only is AWS a host for a Pass (Phishing as a Service) vendor, but AWS itself, along with Vitagene, is not configured for ANY email phishing/spoofing enforcement.

You didn't use Vitagene. How about AncestryDNA.com? Their vendor, returnpath.net, has DMARC enforcement set at p=none. In other words, your DNA is up for grabs. Imagine what a technologically  sophisticated nation state could do with your specific DNA data. Like sending you a swell surface mail gift laced with a pathogen targeted for you and only you. Talk about ransomware!

"Your money or your life!" Try to scare up a bunch of Bitcoin with trembling fingers. Especially if you're bleeding out your eyeballs.

Talk about a cool science fiction novel.

Science fiction, nuts! If your DNA shows you to have a peanut allergy, a malicious hacker might send you a gift covered in peanut oil. How about you check your DNA testing service for DMARC compliance, and demand your right to be forgotten (oh wait, there isn't such a law in the USA).

Mad Max



#vitagene #aws #ancestrydna #ransomware #databreach

Comments

Popular Posts