User data stolen from genetic testing giant 23andMe is now for sale on the dark web - eviltoast

User data stolen from genetic testing giant 23andMe is now for sale on the dark web::User data from 23andMe accounts has been leaked and put up for sale on a dark web forum after what appeared to be a “credential stuffing” cyberattack.

  • ominouslemon@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Stop saying that Google and Meta etc “sell/share your data”. It’s just plain wrong and muddies the water and makes fighting them way more difficult. They sell access to the people from whom those data were taken, which is veeeery different.

    Data brokers sell data. Google, Meta etc do not sell data. It’s their biggest asset, why would they just give it away?

      • ominouslemon@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        You have a point there, but I meant that Google does not do that as a business. Every company must provide data to the NSA, the problem is not Google per se

        • Hovenko@iusearchlinux.fyi
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Yes, you are correct it is not only google but all the big tech. You are missing very important word here - based in US. My point is that those big companies were very reluctant to handle that data even if it was later proven unconstitutional.
          For example service like Lavabit rather closed their operation than handing over your data. There were companies actually fighting this garbage instead of providing direct infrastructure for NSA to come and go when they need something.

          But back to the original point that with google is your data very safe. That is not true at all. Your data is a lot safer if you choose company which is an actual mail (or other service) provider. With this you have an actual contract that will say they cannot handle your data for commercial purposes - you are the customer not a product and part of their side hustle. That puts google on the bottom of the list. On top of that you can pick one based in EU and now you are protected even by GDPR and NSA cannot do whatever they want. Of course if you are a shady character you data will be handed over, but in a correct manner. Nowadays secure mail providers are moving to a model where all your data is e2e encrypted and even they have no access to it so if they get a breach, the attacker has nothing. If 3 letter agency asks for something, they will get maybe timestamps in epoch. Those are the most secure services not google.