this post was submitted on 24 Jan 2024
124 points (97.7% liked)

Privacy

1272 readers
69 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 10 months ago

This is the best summary I could come up with:


Now, after being hit by a series of class action lawsuits from victims of the breach, the company is reportedly turning the blame back to the users — telling them they should have been more cautious about recycling their login credentials.

"Users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe," the company told a group of victims in a letter initially reported by TechCrunch.

The CPRA — otherwise known as the California Privacy Rights Act — strengthened security measures for consumers to stop businesses from sharing their personal information.

"Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events," Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch.

Following the breach, the company asked all its users to reset their passwords and set up additional security measures like two-factor authentication, according to its website.

In October, the company said the results of its preliminary investigation showed no indication of a data security incident within its systems.


The original article contains 364 words, the summary contains 192 words. Saved 47%. I'm a bot and I'm open source!