> The information that has been exposed from this incident includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location.

i would absolutely argue that having my

1) genetic ancestry,

2) full name,

3) date of birth,

etc… is sensitive information.

even removing genetic information, if a company is too irresponsible to catch millions of users info being stolen, then they’re too irresponsible to have that data.

again, either it’s important to your business or it isn’t. if it isn’t important, then refuse to store it.

Birthdate/name is not sensitive data nor is a public profile photo. Facebook will display this in a public profile. And you are not getting genetic data. This info is public in other dna sites even if it's private on 23andme