Oddbean new post about login | logout Consumer DNA testing company 23andMe is investigating a potential data breach: Threat actor used credentials exposed in other leaks to access legitimate 23andMe user accounts and scrape data, including “tailored ethnic groupings,” like 1 million lines of data on Ashkenazi people… Data for sale includes full names, usernames, profile photos, sex, date of birth, genetic ancestry results, and geographical location. https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/ #infosec #security #cybersecurity #techlaw #privacy
Computer crime nerds will appreciate that, not only does 23andMe claim “no data security incident within our systems,” but their support team over on Xitter claims “no unauthorized access” 🤔 https://files.mastodon.social/media_attachments/files/111/190/387/336/774/792/original/f0b0186e7faaf5f4.jpeg
