Info@NationalCyberSecurity
Info@NationalCyberSecurity

It’s Not Our Fault You’re Too Lazy to Change Passwords | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


Was your account ensnared in last year’s 23andMe breach? It’s your own fault.

That’s the message from 23andMe lawyers at least, who responded to legal action against the DNA testing company by blaming customers for reusing passwords across services.

“Users negligently recycled and failed to update their passwords following…past security incidents, which are unrelated to 23andMe,” lawyers wrote to hacking victims, TechCrunch reports. “Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures under” the California Privacy Rights Act.

Technically that’s true. Hackers purchased usernames and passwords stolen from unrelated breaches and tried them on 23andMe to see if people re-used passwords across the web. At least 14,000 of them did. It got a little more serious when 23andMe revealed that the DNA Relatives feature potentially expanded the pool of accessed accounts to 6.9 million.

Calling customers negligent isn’t the best PR move, but this is a legal filing, and 23andMe is trying to avoid paying millions in various class-action lawsuits.

23andMe argues that it “remediated” the problem by signing people out and requiring password resets and multi-factor authentication. Any data accessed by hackers also “cannot be used for any harm,” according to 23andMe, which says Social Security and driver’s license numbers, as well as payment or financial information, were not exposed.

A lawyer for the hacking victims tells TechCrunch that” 23andMe should have implemented some of the many safeguards available to protect against credential stuffing — especially considering that 23andMe stores personal identifying information, health information, and genetic information on its platform.”

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW