Technology

58094 readers

3216 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

827

23andMe tells victims it's their fault that their data was breached | TechCrunch (techcrunch.com)

submitted 8 months ago by [email protected] to c/[email protected]

279 comments fedilink hide all child comments

Hope this isn't a repeated submission. Funny how they're trying to deflect blame after they tried to change the EULA post breach.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 8 months ago (1 children)

User opted-in to share those data

[–] [email protected] 0 points 8 months ago (3 children)

You opt in to share your data with Facebook. Would you still consider it an issue if your data was breached because someone else's account was hacked?

[–] [email protected] 4 points 8 months ago

I would consider normal that my photos that I only share with some people were leaked if one of those people's accounts got hacked.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

Sure, it's a breach, but I would blame my idiot friend for re-using passwords. I wouldn't blame the service for doing exactly what I expected the service to do, and is the reason I chose to use the service in the first place.

It's also the reason I've very selective about what I share with anyone online, friend or otherwise.

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

If you share your nudes with the "friends only" privacy settings on facebook, and someone else accesses one of your friends accounts because they reused their password and proceeds to leak those photos, is it the fault of Facebook, your friend, the person leaking them, or you?

Because that is exactly what happened here. Credit stuffing reused passwords and scraping opt-in "friends only" shared data between accounts.

[–] [email protected] 0 points 8 months ago (1 children)

Private health data was compromised as well, on a smaller scale. It doesn't make sense to blame users for a security breach of a corporation, literally ever. That's my point. The friend was dumb, and you shared something maybe you shouldn't have. But that doesn't also absolve the company of poor security practices. I very strongly doubt that 14,000 people knew or consciously chose to directly share with a collective 7 million people.

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago)

But they did. All 7 million of them - that's why their data was visible for those 14000.

As it says in the article:

From these 14,000 initial victims, however, the hackers were able to then access the personal data of the other 6.9 million victims because they had opted-in to 23andMe’s DNA Relatives feature. This optional feature allows customers to automatically share some of their data with people who are considered their relatives on the platform.

Here's what each and every one of those 7 million people opted in and agreed to:

https://customercare.23andme.com/hc/en-us/articles/115004659068-DNA-Relatives-The-Genetic-Relative-Basics