A hacking problem affecting 2,102,436 people has been announced by DNA Diagnostics Center (DDC), an Ohio-based DNA testing firm. The event resulted in a verified data breach between May 24, 2021, and July 28, 2021, with the company’s internal inquiry wrapping up on October 29, 2021. The following is some of the information that the hackers gained access to:
- Full names
- Debit card number + CVV
- Credit card number + CVV
- Platform account password
- Financial account number
The corrupted database includes historical backups from 2004 to 2012, and it was not connected to DDC’s current operational systems and databases. According to the notification, the compromised database was linked to a national genetic testing organization that DDC has never used in its operations and has been inactive since 2012.
Because DDC purchased certain assets from this national genetic testing business in 2012, including specific personal information, the consequences of this occurrence are unrelated to DDC. The DNA Diagnostics Center collaborates with third-party cyber-security specialists to reclaim the stolen materials and guarantee that the threat actor does not spread them further. So far, no allegations of fraud or unlawful use of the stolen information have surfaced.
A notice letter will be sent to anyone impacted, along with instructions for enrolling in Experian’s free identity theft protection & credit monitoring services for a year. The receivers of these letters are reminded to be watchful against fraud and regularly monitor their bank account balances to spot and report unusual behavior.
DDC emphasizes that no genetic testing data was compromised due to the data breach because it is housed on a separate system. The firm provides paternity, DNA relationship, fertility, COVID-19, ancestry, and immigration testing. Therefore, they have access to sensitive information. According to the notice, nothing related to these services has been compromised.