DNA testing service Vitagene exposed thousands of customer records online for years after being hit by a data breach.
More than 3,000 user files remained accessible to the public on Amazon Web Services cloud computer servers .
When Vitagene was notified of the issue they shut down external access to the sensitive personal information.
The data compromised included customers’ full names alongside dates of birth and gene-based health information, such as their likelihood of developing certain medical conditions, a review of the documents showed.
Source: https://www.latimes.com/business/la-fi-vitagene-dna-privacy-exposed-20190709-story.html
TPRM report: https://scoringcyber.rankiteo.com/company/vitagene
"id": "vit16491423",
"linkid": "vitagene",
"type": "Data Leak",
"date": "07/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 'Thousands',
'industry': 'DNA Testing',
'name': 'Vitagene',
'type': 'Company'}],
'data_breach': {'number_of_records_exposed': '3,000+',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['full names',
'dates of birth',
'gene-based health information']},
'description': 'DNA testing service Vitagene exposed thousands of customer '
'records online for years after being hit by a data breach. '
'More than 3,000 user files remained accessible to the public '
'on Amazon Web Services cloud computer servers. When Vitagene '
'was notified of the issue they shut down external access to '
'the sensitive personal information. The data compromised '
'included customers’ full names alongside dates of birth and '
'gene-based health information, such as their likelihood of '
'developing certain medical conditions, a review of the '
'documents showed.',
'impact': {'data_compromised': ['full names',
'dates of birth',
'gene-based health information'],
'systems_affected': ['Amazon Web Services cloud computer servers']},
'response': {'containment_measures': 'Shut down external access to the '
'sensitive personal information'},
'title': 'Vitagene Data Breach',
'type': 'Data Breach'}