Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 05 December 2023 / Published in Woo on Tech

23andMe and 6.9M of you

Back in October of this year, we wrote about DNA testing company 23andMe’s reported data breach. Initially thought to “only” impact 1.4 million people, 23andMe has revised that estimate to a whopping 6.9 million impacted users that had data exposed including names, birthdays, locations, pictures, addresses, related family members, but not, as the company has strenuously emphasized, actual genetic data. I’m fairly certain that little nugget is not providing the relief they might hope.

Why this should matter to you

Even if you nor any immediate family is a 23andMe customer, it’s important to understand why this data breach is particularly noteworthy. 23andMe wasn’t hacked in a manner that is more commonplace for large companies – hacked or stolen credentials for someone inside the company that had privileged access, but rather through a mass breach of 14,000 customer accounts that were secured by passwords found in dark web databases, ie. these stepping-stone customers were using the same passwords that were exposed in other breaches and leaks. The hackers used those compromised accounts to essentially automate a mass cross-referencing data harvest that in the end, exposed data on nearly 7 million 23andMe customers. This last data exposure is on 23andMe – it would seem they didn’t anticipate the built-in cross-referencing services that the genetics testing company offers would be turned against itself. Also, there was the minor omission of not enforcing multi-factor authentication to secure everyone’s accounts, which might have compensated for the poor password discipline of its customers. The two take-aways? Unique passwords and multi-factor authentication should be the minimum security requirements you should expect from any service that contains your valuable data.

Image courtesy of geralt at Pixabay

  • Tweet
Tagged under: 23andMe, breach, privacy, security

What you can read next

Time for caution!
Smart Speakers Bamboozled by Laser Pointer Hack
Password Managers targeted
Trojans targeting Password Managers
Yelp Logo
Yelp free-speech case goes to Cali Supreme Court

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP