TechCrunch reports that two-factor authentication has been required by major U.S. genetic testing and genealogy firms 23andMe, Ancestry, and MyHeritage in the aftermath of the significant 23andMe breach, which resulted in the theft of data from more than a million of its Jewish Ashkenazi and Chinese users.
While 23andMe has already begun implementing 2FA by default following the incident, Ancestry will be mandating the security feature for all its AncestryDNA customers by the end of the year. On the other hand, default 2FA implementation for DNA clients will also be adopted soon by MyHeritage.
Such a development comes after 23andMe reported that users opting for the DNA Relatives functionality had their data compromised by threat actors who leveraged user credentials stolen from previous data breaches.
Extensive personal and genetic data held by genetics and genealogy firms have made them popular cyberattack targets, with DNA analysis organization GEDmatch and DNA testing firm Veritas Genetics having been compromised in 2020 and 2019, respectively.
