23andMe Attack Just Went From Bad To Worse

Posted on Wednesday, Dec 13, 2023 by Chris Hayner

Featured in this episode of Tech News of the Week

Look, I know you are just as tired of getting updates from 23andMe as I am. I get it. I have more 23rd cousins twice removed this month. AGAIN. Can you hush about it for 5 seconds??

This update, however, is much more unfortunate. In October, 23andMe disclosed that they had been hacked via credential stuffing and weak passwords. Basically, weak, reused, already-compromised passwords were used to gain access to user data.

Through connected data, though (because of course everything is connected by design), the escalation could mean that around 7 million users’ data (profiles and family tree data) was compromised. Allegedly, all impacted customers were notified, and ALL 23andMe customers have to reset their password and enable MFA.

I just checked, and yep. They required a new password, and MFA was enabled. MFA was done via my connected email account, but they do have an app-based setting you can enable from the settings, all of which is good. Forcing the entire customer base to change passwords is inconvenient, sure, but it definitely stops any future data losses from this breach in their tracks.

In other news, apparently my new genetic traits update is that I’m “less likely to be able to match a musical pitch,” which is 1) bad, and 2) totally explains my, shall we say, “uneven” karaoke performance last month. And here I thought the audience was crying tears of joy.