Skip Navigation

News @lemmy.world

return2ozma @lemmy.world

2y ago

Genetics firm 23andMe says user data stolen in credential stuffing attack

www.bleepingcomputer.com /news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

TechNews @radiation.party

irradiated @radiation.party

2y ago

HN

Genetics firm 23andMe says user data stolen in credential stuffing attack

www.bleepingcomputer.com /news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

36 comments

I contacted them to find out if my account was hacked and their automated system claimed they have not experienced a breach and then tried to connect me with an actual person.
- Verify they're a person by having them read you the last 4 base pairs of their DNA.
- Well they weren’t technically hacked, so that’s probably why they responded the way they did.
  They literally used people’s passwords to login.
  If you re-use your passwords across multiple sites then that is what would put you at risk for this.
  Just change your 23andMe to a unique password and you should be good.
- It's been a few hours of "waiting for an agent" without progress so I'm giving up for the day. I think 23andme must be very busy with unhappy customers, or is massively understaffed.
  
  Both? Both!
  
  Why not?

36 comments