Privacy

1172 readers

1 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 1 year ago

MODERATORS

Genetic testing giant 23andMe is reportedly turning the blame back on its customers for its recent data breach (www.businessinsider.com)

submitted 9 months ago by [email protected] to c/[email protected]

23 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 0 points 9 months ago (1 children)

IBM defines "Data Breach" as:

any security incident in which unauthorized parties gain access to sensitive data or confidential information, including personal data (Social Security numbers, bank account numbers, healthcare data) or corporate data (customer data records, intellectual property, financial information).

Despite the fact the attackers used real passwords to log in they are still an 'unauthorized party' because they are not the intended party.

It's also legally the case that using a password to access data you know you are not supposed to access still counts as 'hacking'

[–] [email protected] 0 points 9 months ago (1 children)

Well, the authorisation is the password, so from their side it was in fact not a breach because they just got a normal login with the correct authorisation(password).

[–] [email protected] 0 points 9 months ago

The front door unlocked because the burglar found a copy of the key outside.

This wasn't a burglary, though. His key was legitimate.