this post was submitted on 07 Oct 2023
116 points (91.4% liked)

Technology

59197 readers
3533 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews::At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.

top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 36 points 1 year ago (2 children)

Yeah I knew submitting dna samples to companies wasn't a good idea because they give data to police departments but it didn't occur to me to use it to target minorities.

[–] [email protected] 6 points 1 year ago

The accounts compromised were ones that had reused their passwords and the only way to get genomic data from an account is for a link to be sent to your email account.

[–] [email protected] 5 points 1 year ago (1 children)

Something something about police departments targeting minorities...

[–] [email protected] 2 points 1 year ago

Some of those that work forces...

[–] [email protected] 26 points 1 year ago

“We believe that the threat actor may have then, in violation of our terms of service, accessed 23andme.com accounts without authorization and obtained information from those accounts.”

Good to know that these cybercriminals not only skirted the law but also the TERMS OF SERVICE. Must be hardened types to go and break ToS.

[–] [email protected] 11 points 1 year ago

Credential stuffing attack. Who wants to wager that the compromised accounts had a LastPass and have never changed their password?

[–] [email protected] 6 points 1 year ago (1 children)

Specifically Jews? Yeesh, that doesn't sound good.

[–] [email protected] 3 points 1 year ago

The full picture of why the data was stolen, how much more the attackers have, and whether it is actually focused entirely on Ashkenazim is still unclear.

From the article, the title is obviously overstated for effect