Sorry, you need to enable JavaScript to visit this website.

An anonymous reader quotes a report from TechCrunch: Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch. "Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events," Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch in an email. In December, 23andMe admitted that hackers had stolen the genetic and ancestry data of 6.9 million users, nearly half of all its customers. The data breach started with hackers accessing only around 14,000 user accounts. The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing. From these 14,000 initial victims, however, the hackers were able to then access the personal data of the other 6.9 million million victims because they had opted-in to 23andMe's DNA Relatives feature. This optional feature allows customers to automatically share some of their data with people who are considered their relatives on the platform. In other words, by hacking into only 14,000 customers' accounts, the hackers subsequently scraped personal data of another 6.9 million customers whose accounts were not directly hacked. But in a letter sent to a group of hundreds of 23andMe users who are now suing the company, 23andMe said that "users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe." "Therefore, the incident was not a result of 23andMe's alleged failure to maintain reasonable security measures," the letter reads. [...] 23andMe's lawyers argued that the stolen data cannot be used to inflict monetary damage against the victims. "The information that was potentially accessed cannot be used for any harm. As explained in the October 6, 2023 blog post, the profile information that may have been accessed related to the DNA Relatives feature, which a customer creates and chooses to share with other users on 23andMe's platform. Such information would only be available if plaintiffs affirmatively elected to share this information with other users via the DNA Relatives feature. Additionally, the information that the unauthorized actor potentially obtained about plaintiffs could not have been used to cause pecuniary harm (it did not include their social security number, driver's license number, or any payment or financial information)," the letter read. "This finger pointing is nonsensical," said Zavareei. "23andMe knew or should have known that many consumers use recycled passwords and thus that 23andMe should have implemented some of the many safeguards available to protect against credential stuffing -- especially considering that 23andMe stores personal identifying information, health information, and genetic information on its platform." "The breach impacted millions of consumers whose data was exposed through the DNA Relatives feature on 23andMe's platform, not because they used recycled passwords," added Zavareei. "Of those millions, only a few thousand accounts were compromised due to credential stuffing. 23andMe's attempt to shirk responsibility by blaming its customers does nothing for these millions of consumers whose data was compromised through no fault of their own whatsoever."

Read more of this story at Slashdot.

smooth wombat writes: The advent of streaming services heralded a new era of movie watching. No longer tied to an inconvenient time at a theater, movies could now be watched at your convenience any time of the day or night in your own home. However, with that convenience comes a sinister side: those same movies disappearing from streaming services. Once the movie is removed from the streaming service you can't watch it again. As a result, more people, particularly younger people, are buying DVDs, and even records, to preserve their ability to watch and listen to what they want when they want. Before his release of Oppenheimer, Christopher Nolan encouraged fans to embrace "a version you can buy and own at home and put on a shelf so no evil streaming service can come steal it from you". From the BBC article: Other directors have chimed in to sing the praises of physical media. James Cameron told Variety:"The streamers are denying us any access whatsoever to certain films. And I think people are responding with their natural reaction, which is 'I'm going to buy it, and I'm going to watch it any time I want.'" Guillermo del Toro posted on X that "If you own a great 4K HD, Blu-ray, DVD etc etc of a film or films you love... you are the custodian of those films for generations to come." His tweet prompted people to reply, sharing evidence of their vast DVD collections. [...]

Read more of this story at Slashdot.

LastPass notified customers today that they are now required to use complex master passwords with a minimum of 12 characters to increase their accounts' security. From a report: Even though LastPass has repeatedly said that there is a 12-character master password requirement since 2018, users have had the ability to use a weaker one. "Historically, while a 12-character master password has been LastPassâ(TM) default setting since 2018, customers still had the ability to forego the recommended default settings and choose to create a master password with fewer characters, if they wished to do so," LastPass said in a new announcement today. LastPass has begun enforcing a 12-character master password requirement since April 2023 for new accounts or password resets, but older accounts could still use passwords with fewer than 12 characters. Starting this month, LastPass is now enforcing the 12-character master password requirement for all accounts. Furthermore, LastPass added that it will also start checking new or updated master passwords against a database of credentials previously leaked on the dark web to ensure that they don't match already compromised accounts.

Read more of this story at Slashdot.

Xerox will lay off 15% of its workforce as the struggling digital printing company moves to cut costs and jump-start growth. From a report: In announcing the cuts, Xerox said Wednesday it is adopting a new operating model and organizational structure aimed at boosting its core print business, while also forming a new business services unit. CEO Steven Bandrowczak said in a statement that the shift will enhance the company's ability to efficiently bring products and services to market, labeling the strategic pivot at Xerox a "reinvention." As of October 2023, Xerox had roughly 20,000 employees, according to the company's website.

Read more of this story at Slashdot.

John Walker, reporting for Kotaku: Steam is by far the most peculiar of online storefronts. Built on top of itself for the last twenty years, Valve's behemothic PC game distributor is a clusterfuck of overlapping design choices, where algorithms rule over coherence, with 2023 seeing over 14,500 games released into the mayhem. Which is too many games. That breaks down to just under 40 a day, although given how people release games, it more accurately breaks down to about 50 every weekday. 50 games a day. On a storefront that goes to some lengths to bury new releases, and even buries pages where you can deliberately list new releases. Compared to 2022, that's an increase of nearly 2,000 games, up almost 5,000 from five years ago. There's no reason to expect that growth to diminish any time soon. It's a volume of games that not only could no individual ever hope to keep up with, but nor could even any gaming site. Not even the biggest sites in the industry could afford an editorial team capable of playing 50 games a day to find and write about those worth highlighting. Realistically, not even a tenth of the games. And that's not least because of those 50 games per day, about 48 of them will be absolute dross. On one level, in this way Steam represents a wonderful democracy for gaming, where any developer willing to stump up the $100 entry fee can release their game on the platform, with barely any restrictions. On another level, however, it's a disaster for about 99 percent of releases, which stand absolutely no chance of garnering any attention, no matter their quality. The solution: human storefront curation, which Valve has never shown any intention of doing.

Read more of this story at Slashdot.

Intuit is being questioned by US lawmakers who say federal tax credits the company received could have been better spent to build a free government alternative to Intuit's popular online tax preparation software, TurboTax. From a report: "For years, Intuit's corporate lobbyists have argued that the federal government should not set up a program for Americans to file their taxes online and for free because it would be too costly for taxpayers," the lawmakers, including Senators Elizabeth Warren and Bernie Sanders, wrote in a letter to the company. "Your company's disclosure reveals that Intuit's research tax break from 2022 alone could have been enough to fund a year of a free e-File program for millions of Americans." The lawmakers asked Intuit to provide details on its research expenses dating to 2018. Warren, a Massachusetts Democrat, and Sanders, an Independent from Vermont, were joined on the letter by Senator Richard Blumenthal, a Connecticut Democrat, and Representative Katie Porter, a Democrat from California. The Internal Revenue Service, in a report to Congress last year, estimated it would cost $64 million to $249 million annually for the agency to run a free-filing program. In the fiscal year ending in July 2023, Mountain View, California-based Intuit received $106 million in federal research and experimentation credits, which amounted to about 4% of its total R&D expenses, according to a regulatory filing.

Read more of this story at Slashdot.

Montana and North Carolina have joined a growing list of states that now require identification to view porn, or are blocked from viewing it altogether, as new age verification laws went into effect on January 1. From a report: A year ago, Louisiana paved the way for a wave of age verification laws that target porn sites; eight states have since passed copycat age verification laws of their own. Montana's SB 544 and North Carolina's HB 8 are nearly identical to Louisiana's and other states' laws. The laws' text make unsubstantiated claims about the addictive potential of pornography and its apparent harms to viewers' health. North Carolina's law was passed as part of unrelated legislation that adds a computer science course to high school graduation requirements. Rather than try to make its users jump through hoops to view its content, Pornhub's parent company has blocked viewers in Montana and North Carolina altogether, as it has in other states with similar legislation.

Read more of this story at Slashdot.

LG touts AI for its 2024 OLED TVs, but don't expect AI assistants onscreen. The Alpha 11 processor in LG's new G4 and M4 series aims to sharpen clarity, color and image quality. The G4 features LG's Micro Lens Array technology for enhanced brightness. The M4 adopts 2023's wireless connectivity to eliminate unsightly cables. The Verge adds: So the AI supposedly now understands creative intent, according to LG, and can adjust your TV's image settings accordingly. Picture purists can always ignore and disable these AI modes, but many people inevitably leave them on -- so if the upgrades are noticeable, they'll be a difference maker for those customers.

Read more of this story at Slashdot.

Roku, the maker of TV streaming boxes and software, is debuting its first high-end televisions in a bid to continue sales momentum for the company's devices. From a report: In the spring, Roku will roll out 55-inch, 65-inch and 75-inch Pro Series TVs that will cost consumers as much as $1,500. The new televisions put Roku in competition with Samsung and LG, which offer several models in that price range. It's a step up from the company's current TVs -- the Select and Plus -- which top out at $999. [...] The new TVs include a thinner design with a flat back for mounting on walls, improved picture quality and better audio for cinematic sound, the San Jose, California-based company said in a statement.

Read more of this story at Slashdot.