23andMe admits hackers stole raw genotype data - and that cyberattack went undetected for months | Firm says it didn’t realize customers were being hacked::Firm says it didn’t realize customers were being hacked
23andMe admits hackers stole raw genotype data - and that cyberattack went undetected for months | Firm says it didn’t realize customers were being hacked::Firm says it didn’t realize customers were being hacked
The official RCA is credential stuffing.
Reused passwords are a bitch.
The main surprise is that you were able to get to genomic data with just a password. I thought it was only ever sent over email to the account email.
Maybe the attack involved changing email as well?