By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
RebruitRebruitRebruit
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Reading: 23andMe wants to Protect the Company at all costs, Shifts blame to the victims
Font ResizerAa
RebruitRebruit
Font ResizerAa
Search
  • Latest
  • Finance
  • Technology
  • Security
  • Guides
Follow US
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links

Home » 23andMe wants to Protect the Company at all costs, Shifts blame to the victims

Security

23andMe wants to Protect the Company at all costs, Shifts blame to the victims

January 4, 2024
Share
3 Min Read
23andMe wants to Protect the Company at all costs, Shifts blame to the victims
Image Credit: REUTERS/George Frey
SHARE

Just a month after 23andMe was breached followed by massive criticism and lawsuits, the company wants to avoid charges by all means.

According to a letter sent to the victims, then shared with TechCrunch, it now seems like the company wants to shift blame to the victims whose accounts were compromised.

Hassan Zavareei, an attorney representing the victims, expressed concern that 23andMe is evading responsibility by pointing fingers at its customers instead of acknowledging its role in the data security incident. Last December, 23andMe confirmed a breach where hackers accessed the genetic and ancestry data of 6.9 million users, almost half of its customer base.

The initial breach involved approximately 14,000 user accounts, compromised through credential stuffing—a method where hackers used known passwords associated with targeted customers. Subsequently, by exploiting the DNA Relatives feature, hackers were able to access the personal data of another 6.9 million users who had opted into the platform’s optional data-sharing feature.

In a letter sent to a group of users involved in the lawsuits, 23andMe stated that users were negligent in recycling passwords and not updating them after past security incidents, which the company claims are unrelated to its practices. The letter contends that the data breach was not a result of 23andMe’s failure to maintain reasonable security measures.

Zavareei criticized this response as a “shameless” attempt to blame the victims, emphasizing that 23andMe should have implemented safeguards to protect against credential stuffing, given the sensitive nature of the stored information.

In defense, 23andMe’s lawyers argued that the stolen data couldn’t be used for monetary harm, as it did not include critical information such as social security numbers, driver’s license numbers, or financial details. However, Zavareei countered that millions of consumers were impacted by the DNA Relatives feature, and blaming users does not absolve 23andMe of responsibility.

Following the data breach disclosure, 23andMe made some adjustments and changes. First, they had to reset all customer passwords and make multi-factor authentication mandatory. According to a report from TechCrunch, the company had also adjusted its terms of service in an apparent effort to complicate class action lawsuits. However, the lawyers representing data breach victims deemed the changes as “cynical,” “self-serving,” and a “desperate attempt” to protect the company.

Share This Article
Facebook Whatsapp Whatsapp Bluesky Copy Link
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

Block
Square’s Bitcoin Payment Pilot: Bringing Crypto to Everyday Retail
Finance
METAMASK
MetaMask Embraces Solana: A New Era for Multi-Chain Wallets
Finance
Read Smarter, Not Harder
Read Smarter, Not Harder: These Apps Will Help You Read More Anywhere
Guides
Samsung-One-UI-8
15+ New Features Coming to One UI 8
Latest
samsung
Don Belle Boost Samsung Galaxy A-Series Buzz
Latest

You Might Also Like

ZKsync
Security

ZKsync Account Hack: What Happened and What It Means

May 25, 2025
M&S Cyber Attack
Security

How Hackers Broke Into M&S and Co-op: It Wasn’t a Glitch — It Was Human Error

May 6, 2025
Marks-and-Spencer-cyber-attack
Security

M&S cyberattack: Recruitment paused and supply issues reported

May 1, 2025
M&S Pause Online order
Security

M&S pauses all online orders after cyber attack

May 1, 2025
M&S Attack
Security

M&S confirms cyberattack after days of disruption

May 1, 2025
23andMe
Security

23andMe Bankruptcy Raises Serious DNA Privacy Concerns

April 21, 2025
Google Play
Security

New Google Play system update now force your phone to auto-reboot after three days

April 22, 2025
Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps
Security

Global Cybersecurity Agencies Uncover Spyware Hidden in Android Apps

April 24, 2025
Follow US
© 2025 REBRUIT | We don’t control content on external sites. Read more about how we handle external links
  • About
  • Our Standards
  • Contact
  • Privacy Policy
  • Cookie Policy
  • Terms of use
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?