Genetic testing company 23andMe said Monday that hackers were able to access the data of about 6.9 million people, far more than the company previously acknowledged.
The finding is the result of an investigation 23andMe launched in October, after at least one list of people whom the site identified as having Ashkenazi Jewish ancestry was posted online.
A strange number of engineers think DARE and transmission encryption are sufficient for sensitive data, as though that encryption isn’t effectively transparent if the tools designed to access it are compromised.
Fair point!
To be clear I wasn’t arguing that DARE is enough, you are absolutely correct that depending on the situation it isn’t, but in my opinion in this specific case. if the data was DAREd, and sent to the user in its encrypted state and only decrypted on the user’s machine with the user’s key, that’s not stored in any server, it would have completely fixed this specific issue. Naturally, however, to your point, with encryption there is no one-size-fits-all argument!