• thedirtyknapkin@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    the heck was when they got the username and password. this is just the extended consequences because people use the same password for everything.

    • surewhynotlem@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      11 months ago

      That is correct. But they didn’t get that from 23andMe. They got the username and password from other sites that were hacked, and the affected users were those that had the same password on 23andme. This is not a 23andMe security issue.

      • thedirtyknapkin@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        that’s kind of fair, but part of the point is that they didn’t even need to access the accounts of people that were compromised. they just needed to access someone who was related to them to access their genetic info.