Teiss: Concerns galore over Ancestry.com’s handling of customers’ DNA data

June 8, 2018 — Ancestry.com currently stores DNA information and other personal details of over 5 million people but security experts are cautioning users to remain vigilant over how their DNA information is used by the company and how secure the company’s systems are against external attacks.

Ryan Wilk, VP at NuData, comments on a report issued yesterday by Teiss UK disclosing that last year, hackers had successfully breached RootsWeb, a site owned and operated by Ancestry, but even though the hack had resulted in the compromise of 55,000 customer accounts, the firm said the customer data stored by it were kept in completely separate systems and were secured by an encrypted system whose keys were with Ancestry.

To avoid account takeovers with stolen username and passwords, two-factor authentication can be combined with other security layers such as passive biometrics and behavioral analytics, so that if one layer fails or is not reliable, another layer of security takes over, protecting the customers’ accounts even if the credentials have been stolen.

For the complete article, go here.