Flutterby™! : 23andMe maybe not really hacked

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

23andMe maybe not really hacked

2024-01-04 01:55:59.838015+01 by Dan Lyke 0 comments

23andMe tells victims it’s their fault that their data was breached

The data breach started with hackers accessing only around 14,000 user accounts. The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing.

From these 14,000 initial victims, however, the hackers were able to then access the personal data of the other 6.9 million million victims because they had opted-in to 23andMe’s DNA Relatives feature. This optional feature allows customers to automatically share some of their data with people who are considered their relatives on the platform.

I mean, my first reaction was to quote Otter from Animal House: "Flounder, you can't spend your whole life worrying about your mistakes! You fucked up... you trusted us! Hey, make the best of it! Maybe we can help."

But really, this is more about the whole trust model from engaging in the activity in the first place.

[ related topics: Real Estate ]

comments in ascending chronological order (reverse):

Comment policy

We will not edit your comments. However, we may delete your comments, or cause them to be hidden behind another link, if we feel they detract from the conversation. Commercial plugs are fine, if they are relevant to the conversation, and if you don't try to pretend to be a consumer. Annoying endorsements will be deleted if you're lucky, if you're not a whole bunch of people smarter and more articulate than you will ridicule you, and we will leave such ridicule in place.

Flutterby™ is a trademark claimed by

Dan Lyke
for the web publications at www.flutterby.com and www.flutterby.net.