Comment on 23andMe tells victims it's their fault that their data was breached | TechCrunch
lightnsfw@reddthat.com 10 months agoThere are services that check provided credentials against a dictionary of compromised ones and reject them. Off the top of my head Microsoft Azure does this and so does Nextcloud.
dpkonofa@lemmy.world 10 months ago
This assumes that the compromised credentials were made public prior to the exfiltration. In this case, it wasn’t as the data was being sold privately on the dark web. HIBP, Azure, and Nextcloud would have done nothing to prevent this.
lightnsfw@reddthat.com 10 months ago
Yea, you’re right. Good point.