Privacy

1100 readers

1 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago

MODERATORS

[email protected]

129

Genetic testing giant 23andMe is reportedly turning the blame back on its customers for its recent data breach (www.businessinsider.com)

submitted 8 months ago by [email protected] to c/[email protected]

26 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 17 points 8 months ago (1 children)

The hackers initially got access to around 14,000 accounts using previously compromised login credentials, but they then used a feature of 23andMe to gain access to almost half of the company's user base, or about 7 million accounts

Is there more to the breach than just stolen passwords? What feature did they use and what access did they gain?

[–] [email protected] 9 points 8 months ago

I recall from previous coverage of this that there is a social network feature in the site where you can voluntarily share your info with friends and family.

So 14,000 accounts got accessed via reused passwords and then that gave them access to 7 million people's data because they chose previously to share info with those 14,000.