23andMe Blames Users for Recent Data Breach as It’s Hit With Dozens of Lawsuits::Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.

  • edric@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    ·
    10 months ago

    Not sure of this specific case, but typical brute force attacks are done locally on the database that was acquired from the breach, not on the site itself. This way lockouts aren’t an issue.

    • bamboo
      link
      fedilink
      English
      arrow-up
      6
      ·
      10 months ago

      In this case it was a credential stuffing attack against the live login form on the website based on the information released.