Lessons from the 23andMe Breach and NIST SP 800-63B
Preventing Credential Stuffing Introduction In 2023, personal genomics company 23andMe suffered a major data breach that exposed sensitive genetic and personal information of nearly 7 million people. The breach was ultimately traced to a credential stuffing attack, in which hackers used lists of stolen username/password pairs from previous breaches to hijack 23andMe user accounts. This […]
