23andMe Blames Users for Recent Data Breach as It’s Hit With Dozens of Lawsuits::Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.

  • edric
    link
    fedilink
    English
    411 months ago

    Not sure of this specific case, but typical brute force attacks are done locally on the database that was acquired from the breach, not on the site itself. This way lockouts aren’t an issue.

    • @[email protected]
      link
      fedilink
      English
      611 months ago

      In this case it was a credential stuffing attack against the live login form on the website based on the information released.