Comment on Drugmakers Are Set to Pay 23andMe Millions to Access Consumer DNA
eager_eagle@lemmy.world 1 year agoIt’s understandable they phrase it like that when themselves are the main consumer of this data for their own research. I fail to see any shady behavior from their part here whatsoever. Regarding 23andMe, I’m vastly more concerned with the data leak episode they had recently and what they’re doing to prevent a future episode like this.
dpkonofa@lemmy.world 1 year ago
It wasn’t a data leak. It was an authorization incursion brought on by users using the same username/email and password combo on other sites that had been compromised. If people don’t have 2FA enabled for these accounts, then it’s on them. There’s literally nothing that 23andme can do about a situation like that when unauthorized users have both the email and password for an account without 2FA. They might have been able to force 2FA on accounts but it’s too late for that when other accounts are compromised.
eager_eagle@lemmy.world 1 year ago
ah that’s right, my bad. I remember not being sure if the credential reuse thing was 23andMe trying to downplay the attack, but it seems to really be the case. Not much to worry then.