DNA-testing service Vitagene left thousands of client health reports exposed online for years, the kind of incident that privacy advocates have warned about as gene testing has become increasingly popular.
More than 3,000 user files remained accessible to the public on Amazon Web Services cloud-computer servers until July 1, when Vitagene was notified of the issue and shut down external access to the sensitive personal information, according to documents obtained by Bloomberg. The genealogy reports included customers' full names alongside dates of birth and gene-based health information, such as their likelihood of developing certain medical conditions, a review of the documents showed.
Vitagene said that the files dated from when the company was in "beta" testing and represented a small fraction of its customer base.
"We immediately opened an investigation and blocked access to the files," Chief Executive Officer Mehdi Maghsoodnia said in an email.