User data from 23andMe accounts has been leaked and put up for sale on a dark web forum after what appeared to be a "credential stuffing" cyberattack.

User data stolen from genetic testing giant 23andMe is now for sale on the dark web::User data from 23andMe accounts has been leaked and put up for sale on a dark web forum after what appeared to be a “credential stuffing” cyberattack.

  • zoe@lemm.eeEnglish
    154·
    9 months ago

    probably cause they didn’t invest much in cybersec…like most companies…and they deserve it, for not hiring such essential engineers

    • Muddybulldog@mylemmy.winEnglish
      91·
      9 months ago

      Credential stuffing is, first and foremost, a user issue. There’s only so much you can do when people use the same password for all their different websites.

      That being said, there are some “above and beyond” steps a platform can take and most companies definitely don’t.

    • WHYAREWEALLCAPS@lemmy.worldEnglish
      61·
      9 months ago

      Yeah, this is a decades old ongoing issue with companies. They see pretty much anything IT related as a money sink that needs to be trimmed to the bare bones while giving salespeople absurd bonuses. Then they get all surprised pikachu faced when they get hacked or hit with ransomware and their last backup was 6 months ago when they let the IT department go without warning and hired some guys from overseas to handle it remotely.