23andMe tells victims it's their fault that their data was breached | TechCrunch
techcrunch.com
In a letter to victims who filed a lawsuit against the company, 23andMe blames its breach on customers for reusing passwords.
  • @MiltownClowns@lemmy.worldEnglish
    136 months ago

    These genetic companies need to be held to a crazy high standard. I hate the genetic companies, I’ve avoided them like the plague, and I would never freely give up my DNA to any private entity. But everybody in my family fucking loves them, so it doesn’t matter. My genetic information is available on the Internet and there’s nothing I can do about it. I’m amazed that there isn’t even whispers of regulating this yet. And by the time somebody even thinks about regulating it, all the pharmaceutical companies will own all our genetic information and you could probably Google a DNA sequence and find anybody. The future is lame.

  • @ebits21@lemmy.caEnglish
    46 months ago

    I was very excited to do this years ago when my sister bought me a kit….

    I could never go through with it… I just knew the data would be abused and/or stolen. Sucks.

  • AutoTL;DRBEnglish
    16 months ago

    This is the best summary I could come up with:

    “Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events,” Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch in an email.

    In December, 23andMe admitted that hackers had stolen the genetic and ancestry data of 6.9 million users, nearly half of all its customers.

    The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing.

    “The breach impacted millions of consumers whose data was exposed through the DNA Relatives feature on 23andMe’s platform, not because they used recycled passwords.

    23andMe’s attempt to shirk responsibility by blaming its customers does nothing for these millions of consumers whose data was compromised through no fault of their own whatsoever,” said Zavareei.

    Lawyers with experience representing data breach victims told TechCrunch that the changes were “cynical,” “self-serving,” and “a desperate attempt” to protect itself and deter customers from going after the company.

    The original article contains 721 words, the summary contains 184 words. Saved 74%. I’m a bot and I’m open source!