23andMe admits hackers stole raw genotype data - and that cyberattack went undetected for months | Firm says it didn’t realize customers were being hacked::Firm says it didn’t realize customers were being hacked

  • A Phlaming Phoenix@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    11 months ago

    Do we know they delete the data when you do that? A lot of software is designed to “soft delete” data, where you mark the record with a “deleted” flag that excludes it from future queries. This data still lingers in the database and would still be accessible by anyone who can bypass the application logic, such as someone with a direct DB connection and read privileges.

    • designatedhacker@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      They say that they do, so I’ll be getting a juicy $5 class action check if that was a lie. Most companies that implimented GDPR didn’t do a lot of if eu actually delete type code. The cost of determining EU citizenship incorrectly is pretty high.