GEDmatch DNA Testing Website
|GEDmatch DNA Testing Website|
|Short Title||Public Genealogy Database GEDMatch Was Found Vulnerable Security Risks|
|Information||Ethnicity, Physical Characteristics, Medical and Health|
|Affected||Users of GEDmatch|
|High Risk Groups|
Public genealogy database GEDMatch was found vulnerable to multiple kinds of security risks.
GEDmatch is a public genealogy database, which is used as a third-party by such DNA testing sites as 23andMe, Ancestry.com and MyHeritage. These sites allow people to learn about their genetic makeup and GEDmatch compares their DNA sequences to others in the database who have uploaded test results, in order to connect to potential relatives in their family trees.
Researchers of University of Washington found that GEDmatch was vulnerable to multiple kinds of security risks. An adversary or simply a malicious user can extract sensitive genetic markers for someone and construct a fake genetic profile to impersonate someone’s relative by using only a small number of comparisons on GEDmatch.
This is an example of Insecurity, as the website allows users to see other users' DNA information.