- cross-posted to:
- cybersecurity@sh.itjust.works
- cross-posted to:
- cybersecurity@sh.itjust.works
Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.
Blaming your customers is definitely a strategy. It’s not a good one, but it is a strategy.
BRB deleting my 23AndMe account
As if deleting your account deletes your data.
Surely they have a GDPR-compliant way to have your info removed. Right?
They’re an American company, and I’m not yet aware of any lawsuits setting the precedent of the GDPR applying to server infrastructure in the USA, which is outside the jurisdiction of the GDPR.
So if they’ve copied your data to their American servers already (you can bet they have), it’s there for good.
UPDATE user_data SET deleted = 1 WHERE ID = you.
Done. Data deleted. All gone forever. Definitely doesn’t just hide it from the user.
You should parameterize that query before Little Bobby enrolls.