FDA Warns DNA Sequencing Machines Could Be Hacked

(Bloomberg) -- US regulators warned health-care providers about a cybersecurity risk with some Illumina Inc. DNA-sequencing machines that could compromise patient data.

Several of Illumina’s next-generation machines have a software vulnerability that could allow an unauthorized user to take control of the system remotely and alter settings or data, the Food and Drug Administration said in a letter Thursday. While there have been no reports of this happening, it’s possible that a hacker could alter a patient’s clinical diagnosis or gain access to sensitive genetic information.

Illumina has a near monopoly on the genetic-sequencing market and its machines are used for both research and in medical practice. The company said it has developed a software patch for the vulnerability and is working on a permanent fix.

“Illumina takes data privacy and cybersecurity very seriously and prioritizes instrument security and the protection of genomic and personal data,” a company spokesperson said. 

Genetic data is especially sensitive. DNA contains a vast treasure trove of personal information about health, relationships, personality and family history. As genetic testing has grown in popularity in both a medical and consumer context, so too have calls for this information to be rigorously protected.

At least two other genetic testing companies -- Veritas Genetics and MyHeritage -- have experienced data breaches. In both cases the companies said it did not appear genetic data itself was accessed.