DNA companies should receive the death penalty for getting hacked | TechCrunch::Personal data is the new gold. The recent 23andMe data breach is a stark reminder of a chilling reality – our most intimate, personal information might

  • Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    11 months ago

    Maybe you shouldn’t use the same user+pass across dozens of different services then.

    The data from 23 and Me was stolen using the legitimate login credentials of users acquired from an entirely different services data breach. Not via their own lax security policies.

    You can’t expect a corporation to protect you from yourself. And they certainly shouldn’t be punished for your ineptitude.

    Don’t get me wrong, these corporations are not your friends, and shouldn’t be trusted implicitly; but you have some responsibilities too.

    /edit:

    But when the chips are down and our data is leaked, they hide behind the old “we were not hacked; it was the users’ old passwords” excuse.

    This logic is equivalent to a bank saying, “It’s not our fault your money got stolen; you should have had a better lock on your front door.” It’s unacceptable and a gross abdication of responsibility.

    I completely disagree with this point. The service obviously has to provide you with access to your information/account. If you give out your login credentials for that access to a third party (another service), that third party loses your information, and it’s then used to access stuff posing as you. That’s your fault. You should not have shared (re-used) those same login credentials with others.

    • Takatakatakatakatak@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 months ago

      You nailed it. Users cannot be trusted to not re-use login credentials.

      I know we all hate it, but proper 2-factor authentication via authenticator apps must be the default position for everything.

      • spudwart@spudwart.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        Legit have had conversations with people where they position themselves as superior because they use “the same password” but with an @ instead of an a, or an extra 0 at the end.

        Password Managers are really the best solution to using 1 password everywhere without actually putting yourself at risk. 1 password, to unlock the manager, that lets you copy/paste logins.

        But nope 99% of all bullshit I experience in my friends and family is “but thats too complicated” or “thats too hard” when its 200% fucking not.

        I’m calling them out. These are shit excuses for what their real issue is which is “i don’t wanna change my habits” which is just childish and ignorant.

        Even if its easier, even if its safer. If its different, then they don’t want to even try it.

        There are some people who will have “always used” a spoon to dig holes, and if you showed them a shovel, they’d complain that it’s too hard or too complex, and go back to using the spoon.