Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months
January 26, 2024 at 11:03AM 23andMe admitted to failing to detect malicious activity for 5 months while attackers exploited user accounts using credential stuffing techniques. The breach exposed data from 6.9 million individuals with DNA Relatives enabled. The company started mandating two-factor authentication only after the breach, and blamed users’ negligence for the incident. The … Read more