23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack.
According to the quote they would’ve used breached passwords. You don’t know anything about request limiting. It wasn’t just randomly entering passwords unrestricted, as per your own quote.
According to the quote they would’ve used breached passwords. You don’t know anything about request limiting. It wasn’t just randomly entering passwords unrestricted, as per your own quote.
Okay 2FA then. Limit it somehow