How to keep your data safe in the age of data leaks

In 2023, DNA testing company 23andMe suffered a massive data breach. Hackers accessed the data of approximately 6.9 million users. Since then, 23andMe’s financial value has plummeted precipitously — up until earlier this week, when it filed for bankruptcy, as the Deseret News previously reported.

The company insists that it will continue to safeguard customer data, but Utah Attorney General Derek Brown has continued to encourage 23andMe users to delete their data.

Other attorneys general across the country have repeated his warning, urging 23andMe’s 15 million patrons to destroy any data 23andMe has access to, including records of genetic material samples.

Even Americans who are not 23andMe users may have data safety on the mind as security leaks make national headlines in the form of Trump officials accidentally including a journalist on a group chat detailing war plans, as the Deseret News previously reported.

How can you keep your data safe in the age of data leaks?

Keeping your data safe: Things to know

23andMe is searching for a buyer who will “comply with applicable law with respect to the treatment of customer data,” the firm wrote in a letter to its users.

Uncertainty about a worthy future buyer remains. Therefore, state attorneys general are pushing constituents to do whatever they can to protect their data themselves.

Deleting your data

23andMe promises that account deletion permanently removes user data from its database, including genetic samples.

California’s attorney general published a press release with step-by-step instructions to delete personal information from 23andMe. Laws in some states require that consumers who hand their data over to external companies retain the ability to destroy their data. In some cases, deleting your data gives you the legal right to have it disappear.

Be careful about what data you share and with whom you share it

Take the time to carefully review your data settings, including the privacy policies and terms and conditions that many users frequently agree to without reading.

When it comes to sensitive data like genetic information, companies like 23andMe will have specific forms of consent that users must sign if they wish to opt in for data tracking. Other companies, including texting services like Signal or WhatsApp, use your location, thereby also allowing hackers to figure out exactly where you are if they’re savvy enough.

It is safer to personally revoke permission you have given to businesses and apps to use your data. Conscientious companies are then legally required to remove your data.

Use a password or encryption

It is tempting to use an easy-to-remember password — but to really ensure data safety, skip the convenience and go for something difficult and unique from the passwords you use for other sites. Two-factor authentication from services like Duo Mobile and 1Password also add an extra layer of protection.

Encryption is another highly useful tool. It scrambles data into a secret code that only a unique digital key can unlock. Some messaging apps like Signal offer encryption, as well as some storage services like Google Cloud. This way, even if someone hacks your data, they still have to hack your code, adding another layer of protection — not an invincible coat of armor, but another layer nonetheless.

Monitor your identity

In an era where everything is online, it is nearly impossible to disconnect. Work, school and social lives have moved onto the internet. If you can’t fully remove yourself from the digital sphere, then you can at least frequently monitor your information.

Be aware of who you give your information and what they are using it for. Watch out for unauthorized account usage, especially when it comes to financial accounts. Pay attention to who is texting you and sending you emails. Is it people to whom you have given your contact, or businesses who have bought and sold your information?