[dweinus]

From the LA Times article: "Using information posted to genealogy websites and other publicly available Internet resources, the Whitehead Institute researchers were able to ferret out the names of nearly 50 people"

They don't link the study, so it is hard to tell, but it appears that what actually happened is they used self-reported identifying information linked to DNA entries.

It's not apparent that they did any genetic analysis whatsoever.

That is still certainly a privacy attack vector, but one on par with getting your email hacked because you always use your birthday as you password.

[berberous]

That's not correct. The Personal Genome Project (PGP) is a Harvard-run study that aims to get 100k people to publicly post their full genome, along with their health and trait information.

The study took some of these public DNA samples, and searched genealogy databases to find likely relatives. The self-reported surnames were thus those of distant relatives, not of the PGP-participants themselves. The researches then combined those likely surnames with information such as zip codes on the PGP public profiles to correctly identify several participants (given that a zip code, gender, and surname is often enough information to uniquely identify a person).

It should be noted that the PGP has a rigorous education and consent process of the risks of publicly posting DNA. So while the study may have surprised some of the participants, it's not something any of them were expecting could never happen.

You can read more info on the study here: http://www.wired.com/wiredscience/2013/01/your-genome-could-...

[dweinus]

Thank you, I stand corrected! Thanks to the other commenter with the study link too.

[dil4heys]

"They don't link the study, so it is hard to tell."

The study: "Identifying personal genomes by surname inference." Gymrek et al. Science. 2013 Jan 18. (http://www.jhu.edu/pfleming/bioinform/files/gymrek_science_2...)