Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.

    • pearsaltchocolatebar@discuss.online
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      3
      ·
      11 months ago

      It’s actually the user’s fault. The emails and passwords came from a different breach, and some of those also worked on 23andMe. This is why you don’t reuse passwords.

      • Hegar@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        It’s actually the user’s fault. The emails and passwords came from a different breach

        No, 23andme is very clearly at fault.

        Only 0.02% of those who had their personal info leaked were hacked by a credential stuffing attack.

        99.8% of victims were victims because the company launched an obviously unsafe feature that allowed intruders to acces 500 other people’s details for each compromised account.

        No one changes the password on sites they don’t use anymore and this is basically a single use service.