mailing list archives
'White hat' hacker discovers names of 'anonymous' volunteers of genome study in security drill
From: security curmudgeon <jericho () attrition org>
Date: Fri, 18 Jan 2013 11:39:09 -0600 (CST)
---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>
By STEVE CONNOR
17 JANUARY 2013
A former "white hat" hacker hired by banks to test their computer security
has been able to discover the names of individuals who volunteered to take
part in genome studies on the condition of anonymity.
Nearly 50 people who had agreed to have their genomes sequenced and placed
on scientific databases provided that their names would not be used were
identified by Yaniv Erlich as part of an exercise to test the
vulnerability of personal data held in DNA libraries.
The revelation will prove embarrassing for organisations who have promoted
the widespread use of genome sequencing in medical research. Last month,
the Government announced a plan to sequence the genomes of 100,000 Britons
to boost the discovery of new drugs and treatments.
Dr Erlich used computer algorithms to link DNA sequences, particularly of
the male Y chromosome, with surnames and other personal data held on
genealogy databases as part of a deliberate attempt to test the security
of the ?anonymised? information held on genome databases.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
- 'White hat' hacker discovers names of 'anonymous' volunteers of genome study in security drill security curmudgeon (Jan 18)