Canada & UK Partner in Joint 23andMe Data Breach Investigation

  /     /     /  
Publicated : 23/11/2024   Category : security


Canada & UK Partner in Joint 23andMe Data Breach Investigation


The two jurisdictions will work together to investigate the credential-stuffing attack that put the personal data of millions at risk.



Authorities in Canada and the UK have launched a joint investigation into a
23andMe data breach
that occurred last October. 
Thats when a threat actor posted on the Dark Web claiming possession of 23andMe profile information, ultimately releasing roughly 4 million company records. 23andMe launched an investigation, discovering that the breach was a credential-stuffing attack that affected around 7 million people.
The discovery of the attack led the company to
blame the victims of the breach
, saying they were negligent in reusing their passwords that had previously been exposed in past data breaches.
The joint investigation now seeks to protect the fundamental right to privacy of individuals across jurisdictions, as 23andMe is considered to be a custodian of highly sensitive personal information such as genetic history, health, ethnic background, and biological relationships. 
The countries will investigate the scope of the breached information, whether 23andMe had safeguards in place to protect that sensitive information, and whether the notifications the company provided to the regulators was adequate.
People need to trust that any organization handling their most sensitive personal information has the appropriate security and safeguards in place,
said UK Information Commissioner John Edwards
. This data breach had an international impact, and we look forward to collaborating with our Canadian counterparts to ensure the personal information of people in the UK is protected.”
Edwards and Canadian Privacy Commissioner Philippe Dufresne will be jointly investigating the breach.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Canada & UK Partner in Joint 23andMe Data Breach Investigation