23andMe blames “negligent” breach victims, says it’s their own fault

In a surprising move, in a letter to legal representatives of victims of the recent 23andMe data breach, the company has laid the blame at the feet of victims themselves.

23andMe even goes as far as to claim that this wasn’t a data breach at 23andMe at all. The reasoning:

“… unauthorized actors managed to access certain user accounts in instances where users recycled their own login credentials—that is, users used the same usernames and passwords used on 23andMe.com …

23andme breach claim data data breach far goes legal letter own reasoning the company