23 and Me blames victims for data breach?

Share post:

23andMe, the genetic testing company, is facing over 30 lawsuits after a massive data breach, affecting nearly half of its customers. The breach, which initially compromised about 14,000 accounts through credential stuffing, eventually led to the exposure of 6.9 million users’ genetic and ancestry data. This widespread access was facilitated by users opting into the DNA Relatives feature, which shares data with people considered relatives on the platform.

In a controversial move, 23andMe blamed the victims, claiming that the breach resulted from users recycling passwords, not from the company’s security measures. Critics argue this stance overlooks the company’s responsibility to safeguard personal and genetic information against such attacks. Following the breach, 23andMe reset all customer passwords and mandated multi-factor authentication, which was previously optional. The company also modified its terms of service, seemingly to deter class action lawsuits and mass arbitration claims.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways