|
|
|
|
|
|
by dandesim
900 days ago
|
|
|
6.9 million accounts had information stolen because they were "relatives" of 14,000 users? Something doesn't add up there. That would mean each of those random users had 492 "relatives" on the platform. I've never used 23andMe for fears of exactly this, but they should look at recalibrating what the term "relative" means if you're opting in to sharing genetic information. The average Facebook user has 338 friends, as a point of reference, and I sure wouldn't want my information shared with those people. |
|
|
> 6.9 million accounts had information stolen because they were "relatives" of 14,000 users? Something doesn't add up there.
It adds up. The key is that for the attackers to get my data they only have to compromise 1 of my 1500 relatives.
14 000 out of 14 000 000 accounts were compromised, so 1 in a 1000.
In other words the attacked has 1500 chances to roll a 1 on a d1000 if they want to get my data. The probability they can do that is 1-(1-0.001)^1500 which is 0.78.
If everyone had about as many relatives as I do, we'd expect the attackers to get data on nearly 11 million people from those 14 000 compromised accounts. Getting "only" 6.9 million suggests that on average people have a little under 700 relatives.