Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
It’s actually the user’s fault. The emails and passwords came from a different breach, and some of those also worked on 23andMe. This is why you don’t reuse passwords.
No, 23andme is very clearly at fault.
Only 0.02% of those who had their personal info leaked were hacked by a credential stuffing attack.
99.8% of victims were victims because the company launched an obviously unsafe feature that allowed intruders to acces 500 other people’s details for each compromised account.
No one changes the password on sites they don’t use anymore and this is basically a single use service.