Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.

  • Hegar@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    It’s actually the user’s fault. The emails and passwords came from a different breach

    No, 23andme is very clearly at fault.

    Only 0.02% of those who had their personal info leaked were hacked by a credential stuffing attack.

    99.8% of victims were victims because the company launched an obviously unsafe feature that allowed intruders to acces 500 other people’s details for each compromised account.

    No one changes the password on sites they don’t use anymore and this is basically a single use service.