MyHeritage Hack Leaks Data of 92 Million Users. Could Blockchain Help Prevent Future Breaches?
According to a release by genealogy and DNA testing service MyHeritage, user details for more than 92 million accounts were discovered in a private server. Although no user DNA information was found in the leaked data, the MyHeritage hack discovered by an outside security researcher highlights the current vulnerabilities in the way many private records are stored on the Internet, and how sensitive information such as genomic data can potentially fall into the hands of hackers.
DNA Testing is Growing Exponentially
The practice of DNA testing has experienced a dramatic growth rate in recent years, with more than 12 million people taking direct-to-consumer genetic genealogy tests in 2017 alone, twice as many as in 2016.
While most genealogy service providers explain that the DNA information gathered can be used to determine where people’s ancestry originates and to locate new relatives and family members, the results from DNA testing are also being used for a wide range of other applications including paternity tests, uncovering certain risks for medical conditions, and even for predicting IQ levels.
As genealogy services such as MyHeritage and others continue to collect sensitive DNA information from people, and this information makes its way into new tests and applications, the issue of protecting the security and integrity of this data becomes critical.
Can Blockchain Help Secure Genomic Data?
One company, EncrypGen, is working on a blockchain-based solution. We spoke with David Koepsell, JD, PhD, CEO and Co-Founder of EncrypGen, to discuss how blockchain can be used to enhance the security and privacy of genetic data.
Dr. Koepsell explains, “We feel that genomic data should be kept private and safe, and that people should be able to maintain and take control of that data and its use.”
“The idea behind putting genomic data under a blockchain, and being able to control who gets access and how you get paid for its use really involves these dual questions of privacy and security as well… Genetic data can reveal stuff about yourself that you don’t necessarily want others to know.”
The Growing Market for Buying Genetic Data
EncrypGen’s team includes Co-Founder and Genomic Science Advisor Vanessa Gonzalez Covarrubias, Ph.D, a specialist in Pharmacogenomics, an area of science which analyzes how a person’s genes can affect their response to different drugs.
“It turns out that we do not all metabolize medicines the same way,” says Dr. Koepsell, “and that can have a great impact on your treatment.”
“The current model for genetic data,” he continues, ”is that companies like pharmaceutical companies who want large groups of data, the genetic data and the meta data which makes it medically and scientifically useful, go to companies like 23andme and they buy it.”
“Most people don’t realize that 5 million people have been tested by 23andme, for instance, and 80% of those people have opted in for scientific research. That also means that their data is being bought by companies to do their basic research as well, sometimes for large amounts of money. We feel that the consumer ought to be involved in that somehow.”
How Blockchain Can be Used to Help Protect Genomic Data
During our interview, Dr. Koepsell stated that it is EncrypGen’s view that genomic data itself should not sit on a public blockchain due to two potential problems: 1) Even with encryption, it may be possible to reidentify the data potentially, and 2) given the new General Data Protection Regulation (GDPR) rules in Europe, the immutability of blockchain records would make it impossible for those records to ever be deleted.
This inability to delete the information would make the practice illegal in the European Union as it would be impossible for consumers to remove those records from the system. “What we are capturing on our blockchain is the transactions of the data so that we know where the data is going, and you can always trace back and do an audit trail.”
Developing a Blockchain-based Market for Genomic Data
“The way that the ecosystem is going to work is that anybody can create a profile for free and upload their tests.” says Koepsell, “Put their data on our platform and see if they can go directly to the buyers of the data and sell that data.”
“We are going to be an alternative marketplace for that data, and we’re going to put the consumer in charge.”
What do you feel about sharing your genomic data? Would you be interested in being able to better manage who has access to your genetic data, and be compensated whenever a company purchases it? Let us know your thoughts in the comments below.
Images via Pixabay, Depositphotos, and EncrypGen