Summary of "The DNA of 15 Million People Is For Sale" – The 404 Media Podcast

Release Date: March 26, 2025
Host: 404 Media (Joseph, Sam Cole, Emmanuel Mayberg, and Jason Kebler)

1. Introduction to 23andMe and Its Bankruptcy

The episode delves into the alarming news that 23andMe, a leading consumer genetic sequencing company, has filed for bankruptcy. Jason Kebler introduces the topic by explaining 23andMe's role in popularizing DNA testing as a Christmas gift, allowing users to discover their ancestry and genetic predispositions.

Jason Kebler [01:04]: "It's a direct consumer genetic sequencing company. Still is. It's still operational."

2. Genetic Data Privacy Concerns

The hosts discuss the long-standing concerns over genetic data privacy. Jason reminisces about a 2016 panel at South by Southwest where the potential misuse of genetic databases by law enforcement was a hot topic. He references the Golden State Killer case, where law enforcement used GEDmatch (a genetic database) to identify the perpetrator through his family's DNA.

Jason Kebler [03:15]: "They were able to identify him. And I think that it's one of those things where we often talk about really extreme cases when we talk about privacy."

3. Law Enforcement's Access to Genetic Databases

The conversation shifts to how law enforcement agencies are leveraging genetic databases like 23andMe and Ancestry. Jason highlights that these databases are valuable for solving serious crimes but raises concerns about potential misuse.

Sam Cole [05:29]: "It's like Google collects all of this data, and then the FBI or whoever are like, we're going to give you a court order... it's just for genetic information, basically."

4. Bankruptcy Due to a Credential Stuffing Hack

A critical revelation is that 23andMe's bankruptcy stems from a severe security breach. In late 2023, a credential stuffing attack compromised 7 million users' genetic information, primarily targeting Ashkenazi Jewish and Chinese DNA profiles. This breach led to over 50 class-action lawsuits and 35,000 arbitration demands, overwhelming the company's financial standing.

Jason Kebler [12:03]: "23andMe got hacked in at the end of 2023... 7 million people had their information leaked."

5. Implications of 23andMe's Bankruptcy

With 23andMe bankrupt, its vast genetic database is up for sale. The uncertainty surrounding potential buyers raises significant privacy concerns. Possibilities range from multinational conglomerates to surveillance-focused entities, leaving users apprehensive about the future of their genetic data.

Jason Kebler [11:45]: "It's something that we'll keep an eye on for sure."

6. Personal Reflections and Broader Impacts

Emmanuel Mayberg shares personal experiences related to genetic databases, including a story where the FBI seized his personal genetic data during investigative reporting. Both Jason and Emmanuel express deep concerns about the permanence and vulnerability of genetic information once submitted to such companies.

Emmanuel Mayberg [21:07]: "I feel like Jason and I have had... I'm already in it. I'm already in it."

7. Preventive Measures and Recommendations

The hosts advise listeners on protective steps, such as deleting their genetic information from 23andMe, especially residents of California who are covered under stringent privacy laws. They emphasize the importance of using unique passwords and password managers to mitigate the risks of credential stuffing attacks.

Sam Cole [16:29]: "There's absolutely ways to protect against credential stuffing even if your users have made the unfortunate mistake of reusing a password."

8. Introduction to the DogeQuest Doxxing Incident

Transitioning to a second major topic, the podcast addresses the emergence of DogeQuest, a website allegedly doxxing Tesla owners across the U.S. Sam Cole describes discovering the site, which maps Tesla superchargers and dealerships, displaying personal information of Tesla drivers alongside Doge (the meme dog) imagery.

Sam Cole [31:02]: "There's names, there's email addresses, there's phone numbers... it's a very tongue in cheek way of doxing these people."

9. Verification and Public Reaction

Jason and Sam investigate the authenticity of the DogeQuest data, finding that while some information was accurate, the origins of the data remain unclear. They highlight the broader context of heightened anti-Tesla sentiments and protests, raising concerns about targeted intimidation and surveillance.

Jason Kebler [37:20]: "It clearly was created to like intimidate Tesla, Tesla owners, et cetera."

10. Law Enforcement Techniques in Protesting Incidents

Further discussion reveals how law enforcement has been employing technologies like Automatic License Plate Readers (ALPRs) to track and apprehend individuals involved in anti-Tesla vandalism and protests. The classification of such acts as domestic terrorism allows for more invasive surveillance and harsher sentencing.

Jason Kebler [43:01]: "They were very, very interesting because it combined a lot of technologies and surveillance strategies."

11. Conclusion and Future Coverage

The episode concludes by promising continued coverage of both the 23andMe bankruptcy and the DogeQuest situation. The hosts urge listeners to stay informed and consider the profound implications of data privacy in the age of genetic sequencing and digital surveillance.

Sam Cole [47:20]: "This has been 404 Media. We will see you again next week."

Notable Quotes:

• Jason Kebler [01:04]: "It's a direct consumer genetic sequencing company. Still is. It's still operational."

• Sam Cole [05:29]: "It's like Google collects all of this data, and then the FBI or whoever are like, we're going to give you a court order... it's just for genetic information, basically."

• Emmanuel Mayberg [21:07]: "I'm already in it. I'm already in it."

Key Takeaways:

• Privacy Risks: The sale of 23andMe's genetic database poses significant privacy risks, as genetic information is immutable and deeply personal.

• Law Enforcement Utilization: Genetic databases are increasingly used by law enforcement to solve serious crimes, raising ethical and privacy concerns.

• Security Vulnerabilities: The credential stuffing attack on 23andMe underscores the vulnerability of genetic databases to cyberattacks, necessitating robust security measures.

• Surveillance Technologies: Tools like ALPRs are being actively used to monitor and apprehend individuals involved in targeted protests and vandalism, blurring the lines between security and privacy.

• User Responsibility: Individuals are encouraged to take proactive steps to protect their genetic data, including deleting information from compromised databases and using unique passwords.

This comprehensive summary encapsulates the critical discussions from the episode, providing listeners—both existing and new—with a clear understanding of the pivotal issues surrounding genetic data privacy, law enforcement practices, and the implications of emerging surveillance technologies.