Comment on 23andMe tells victims it's their fault that their data was breached | TechCrunch
lightnsfw@reddthat.com 5 months agoThere are services that check provided credentials against a dictionary of compromised ones and reject them. Off the top of my head Microsoft Azure does this and so does Nextcloud.
dpkonofa@lemmy.world 5 months ago
This assumes that the compromised credentials were made public prior to the exfiltration. In this case, it wasn’t as the data was being sold privately on the dark web. HIBP, Azure, and Nextcloud would have done nothing to prevent this.
lightnsfw@reddthat.com 5 months ago
Yea, you’re right. Good point.