this post was submitted on 03 Jan 2024
824 points (94.1% liked)

Technology

59963 readers
3075 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
824
23andMe tells victims it's their fault that their data was breached | TechCrunch (techcrunch.com)
submitted 11 months ago by Eezyville@sh.itjust.works to c/technology@lemmy.world
277 comments fedilink hide all child comments
 

Hope this isn't a repeated submission. Funny how they're trying to deflect blame after they tried to change the EULA post breach.

you are viewing a single comment's thread
view the rest of the comments
[–] douglasg14b@lemmy.world 43 points 11 months ago (18 children)

OP spreading disinformation.

Users used bad passwords. Their accounts where accessed using their legitimate, bad, passwords.

Users cry about the consequences of their bad passwords.

Yeah, 23AndMe has some culpability here, but the lions share is still in the users themselves

[–] Hegar@kbin.social 0 points 11 months ago (4 children)

Yeah, 23AndMe has some culpability here, but the lions share is still in the users themselves

Tell me you didn't read the article without telling me.

If 14,000 users who didn't change a password on a single use website they probably only ever logged into twice gives you 6.9 million user's personal info, that's the company's fault.

[–] JohnEdwa@sopuli.xyz 5 points 11 months ago* (last edited 11 months ago) (3 children)

You didn't read it either. They gained access to shared information between the accounts because both accounts had enabled "share my info with my relatives" option.

Logging into someones Facebook and seeing their friends and all the stuff they posted as "friends only" and their private DM discussions isn't a hack or a vulnerability, it's how the website works.

[–] Hegar@kbin.social 0 points 11 months ago* (last edited 11 months ago)

Laughing a feature that lets an inevitable attack access 500 other people's info for every comprimised account is a glaring security failure.

Accounting for foreseeable risks to users' data is the company's responsibility and they launched a feature that made a massive breach inevitable. It's not the users' fault for opting in to a feature that obviously should never have been launched.

load more comments (2 replies)
load more comments (2 replies)
load more comments (15 replies)