23andMe: 'Negligent' Users at Fault for Breach of 6.9M Records
When it comes to bad passwords, how much responsibility should a service provider share with its customers?
Stay informed on the latest data breach incidents and security breaches. Protect your information with our up-to-date breach news and analysis.
Search across headline titles and summaries.
Background for this topic.
Breach means unauthorized access to a computer system or network that exposes or steals sensitive data like personal details, passwords, or proprietary information. Attackers often exploit software flaws, weak passwords, or social engineering to gain entry. Breaches can also result from insiders misusing access or accidental data exposure.
Understanding breaches is crucial because they reveal weaknesses in security controls and can lead to data theft or operational disruption. Effective defenses include promptly patching vulnerabilities, enforcing strong authentication, and segmenting networks to limit attacker movement. Detecting breaches quickly through monitoring and logging helps contain damage and guide targeted remediation efforts to secure affected systems and data.
When it comes to bad passwords, how much responsibility should a service provider share with its customers?
A 23andMe letter sent to a legal firm representing victims of the data breach claims that users were at fault for recycling passwords
Also: Mandiant X Account Hijacked in Cryptocurrency ScamThis week, hackers took over Mandiant's X account, authorities charged a Nigerian hacker with stealing $7.5 million from charities, the DOJ fined XCast $10 million for illegal robocalls, and attackers exploited an SMTP smuggling flaw in a phishing email campaign.
Protecting domain name systems finally has the attention of cybersecurity professionals -because every recent large data breach has involved a DNS vulnerability. But there is much work to be done. According to Ihab Shraim, chief technical officer at Corporation Services Company, just 1 in 100 security companies knows who their registrar is and where their domain name resides.
HealthEC Hack Also Compromised More Than a Dozen US Healthcare SystemsA hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped all systems on the telecom operator's core network. [...]
Users apparently at fault after reusing credentials the company didn't check were already compromised 23andMe users' godawful password practices were supposedly to blame for the biotech company's October data disaster, according to its legal reps.…
The hours-long breach — since resolved — directed users to a suspicious website as attackers posing as crypto-wallet service Phantom took over the feed of the Google subsidiary.
HealthEC said that sensitive medical data was exposed in the breach, which is now thought to have impacted 4.5 million people
American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam
After Xerox cybersecurity personnel discovered the breach, they brought in third-party experts to investigate.
Orange Spain suffered an internet outage today after a hacker breached the company's RIPE account to misconfigure BGP routing and an RPKI configuration. [...]
HealthEC LLC, a provider of health management solutions, suffered a data breach that impacts close to 4.5 million individuals who received care through one of the company's customers. [...]
Imaging giant Xerox says it suffered a security incident, as ransomware group INC Ransom claims scalp
Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin. [...]
The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers, and a limited amount of personal information might have been exposed, according to an announcement by the parent company, Xerox Corporation. [...]
From legal proceedings to potential YouTube fodder The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.…
Yahoo customers suffered the largest data breaches in history by some measures. But a decade on, experts warn, we still haven't learned our lesson.