23andMe admits hackers stole raw genotype data - and that cyberattack went undetected for months | Firm says it didn’t realize customers were being hacked::Firm says it didn’t realize customers were being hacked

  • @[email protected]
    link
    fedilink
    English
    711 months ago

    This is the one that was from previously breached credentials right?

    So their only fault was not forcing (did they support?) 2FA. + Potentially not having brute force monitoring?

    • @macrocephalic
      link
      English
      611 months ago

      Not having brute force mitigation is a pretty big miss.

      • @[email protected]
        link
        fedilink
        English
        211 months ago

        Yeh, probably. But in this case they probably had only a few passwords per email, but lots of usernames to try. So per account blocks may not have worked as they had the correct passwords?