297
submitted 1 year ago by L4s@lemmy.world to c/technology@lemmy.world

User data stolen from genetic testing giant 23andMe is now for sale on the dark web::User data from 23andMe accounts has been leaked and put up for sale on a dark web forum after what appeared to be a "credential stuffing" cyberattack.

you are viewing a single comment's thread
view the rest of the comments
[-] Hovenko@iusearchlinux.fyi 46 points 1 year ago

Well… that data was not in safe hands in the beginning considering facts that the whole company has very close ties to Alphabet and Google.

[-] ominouslemon@lemm.ee 33 points 1 year ago

You can say whatever you like about Google invading privacy and generally spying on us, but they are probably the best tech company when it comes to security. They practically never get hacked

[-] SARGEx117@lemmy.world 36 points 1 year ago

Them not getting easily hacked =/= your data is safe in their hands.

[-] Hovenko@iusearchlinux.fyi 7 points 1 year ago

Plot twist: It definitely isn't.

[-] flamingo_pinyata@sopuli.xyz 18 points 1 year ago

Makes sense. They profit on our data, if they let it get stolen it will cut into their bottom line.

[-] FrostyTrichs@lemmy.world 6 points 1 year ago

Companies have to know about an attack and announce it to the public for it to exist? For all anyone knows Google is littered with backdoors and zero days and the people responsible are smart enough to siphon off the data quietly. Nothing is safe online and we need to stop pretending Google wouldn't downplay or sweep a breach under the rug to save face.

Google shouldn't be trusted with the data we give them in the first place.

[-] ominouslemon@lemm.ee 4 points 1 year ago

Google shouldn't be trusted with the data we give them in the first place.

While I agree with this, I also must say that yes, EU law literally says that you have to disclose data breaches in 72 hours or something (can't remember exactly how many). If something happened, we would probably know it

[-] Hovenko@iusearchlinux.fyi 4 points 1 year ago

Yeah... like it matters if your data gets thrown around anyway. They sell and share it with third parties without you knowing which and what security practices they use. I rather pay for a product that includes my privacy being protected.

[-] ominouslemon@lemm.ee 3 points 1 year ago

Stop saying that Google and Meta etc "sell/share your data". It's just plain wrong and muddies the water and makes fighting them way more difficult. They sell access to the people from whom those data were taken, which is veeeery different.

Data brokers sell data. Google, Meta etc do not sell data. It's their biggest asset, why would they just give it away?

[-] Hovenko@iusearchlinux.fyi -1 points 1 year ago

Dunno... heard something about a guy names Snowden?

[-] ominouslemon@lemm.ee 2 points 1 year ago* (last edited 1 year ago)

You have a point there, but I meant that Google does not do that as a business. Every company must provide data to the NSA, the problem is not Google per se

[-] Hovenko@iusearchlinux.fyi 1 points 1 year ago* (last edited 1 year ago)

Yes, you are correct it is not only google but all the big tech. You are missing very important word here - based in US. My point is that those big companies were very reluctant to handle that data even if it was later proven unconstitutional.
For example service like Lavabit rather closed their operation than handing over your data. There were companies actually fighting this garbage instead of providing direct infrastructure for NSA to come and go when they need something.

But back to the original point that with google is your data very safe. That is not true at all. Your data is a lot safer if you choose company which is an actual mail (or other service) provider. With this you have an actual contract that will say they cannot handle your data for commercial purposes - you are the customer not a product and part of their side hustle. That puts google on the bottom of the list. On top of that you can pick one based in EU and now you are protected even by GDPR and NSA cannot do whatever they want. Of course if you are a shady character you data will be handed over, but in a correct manner. Nowadays secure mail providers are moving to a model where all your data is e2e encrypted and even they have no access to it so if they get a breach, the attacker has nothing. If 3 letter agency asks for something, they will get maybe timestamps in epoch. Those are the most secure services not google.

[-] elbarto777@lemmy.world 6 points 1 year ago

Your comment implies that they get hacked all the time - which they don't.

But I see what you're saying, since they themselves sell your data.

[-] Hovenko@iusearchlinux.fyi 1 points 1 year ago

Yes, that is what I meant. Google/Alphabet are companies living off selling personal data. That is a big no no no no nooo.

this post was submitted on 08 Oct 2023
297 points (97.1% liked)

Technology

59672 readers
3942 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS