The DNA testing company faces criticism and legal action due to their refusal to take responsibility.There are more than 30 class-action lawsuits against 23andMe over a recent data breach that impacted almost half of its users. However, instead of accepting responsibility for the incident, the company is adopting an unpopular stance and accusing those affected as having used “negligently recycled and outdated passwords.”
Millions were exposed as hackers took advantage of a feature that was not mandatory.Hackers initiated the breach by unlawfully accessing 14,000 accounts through credential stuffing. Subsequently, they utilized the platform’s “DNA Relatives” attribute to reach data belonging to an additional 6.9 million users who had opted-in for this functionality that links them with their genetic kin on the same network.
Attorneys acting on behalf of impacted users have labeled 23andMe’s tactics as “shameful” and “illogical.” They maintain that the corporation ought to have enforced more robust safeguards, especially given its possession of sensitive information.
Although the company asserts that stolen data, including profiles and genetic information, cannot cause financial damage to victims, worries persist about possible misuse leading to discrimination or targeted attacks as well as identity theft.
Although 23andMe revised their terms of service to limit legal action, several lawsuits have surfaced. One such victim is Dante Termohs, who denounces the company’s tactics as “disgusting” and calls for them to take responsibility.
News Source : Techcrunch
Disclaimer
NextNews strives for accurate tech news, but use it with caution - content changes often, external links may be iffy, and technical glitches happen. See full disclaimer for details.