It has now been confirmed that an additional 6.9 million 23andMe users had ancestry data stolen after hackers accessed thousands of accounts by likely reusing previously leaked passwords. After the cyberattack was reported, Wired estimated that “At least a million data points from 23andMe accounts” that were “Exclusively about Ashkenazi Jews” and data points from “Hundreds of thousands of users of Chinese descent” seemed to be exposed. When the hack was first reported, a nonprofit dedicated to defending online privacy, the Electronic Frontier Foundation, reported that “There are no federal laws that clearly protect users of online genetic testing sites like 23andMe.” While 23andMe recommended that all users strengthen their passwords, EFF went one step further and suggested that users consider disabling the DNA Relatives feature, especially if they’re not actively using it.

Source: Hackers stole ancestry data of 6.9 million users, 23andMe finally confirmed

Emphasis:

There are no federal laws that clearly protect users of online genetic testing sites like 23andMe.

It’s sad that the result is predictable.