Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
23andMe is responsible for sandboxing that data, however. Which they obviously didn’t do.
User opted-in to share those data
You opt in to share your data with Facebook. Would you still consider it an issue if your data was breached because someone else’s account was hacked?
I would consider normal that my photos that I only share with some people were leaked if one of those people’s accounts got hacked.
Sure, it’s a breach, but I would blame my idiot friend for re-using passwords. I wouldn’t blame the service for doing exactly what I expected the service to do, and is the reason I chose to use the service in the first place.
It’s also the reason I’ve very selective about what I share with anyone online, friend or otherwise.
If you share your nudes with the “friends only” privacy settings on facebook, and someone else accesses one of your friends accounts because they reused their password and proceeds to leak those photos, is it the fault of Facebook, your friend, the person leaking them, or you?
Because that is exactly what happened here. Credit stuffing reused passwords and scraping opt-in “friends only” shared data between accounts.
Did you not read my comment? Users opt in to sharing data with other accounts, which means if one account is compromised, then every account that allowed them access would have their data compromised too. That’s not on the company, because they feature can’t work without allowing access.