23andMe Blames Users for Recent Data Breach as It’s Hit With Dozens of Lawsuits::Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.
23andMe Blames Users for Recent Data Breach as It’s Hit With Dozens of Lawsuits::Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.
Not sure of this specific case, but typical brute force attacks are done locally on the database that was acquired from the breach, not on the site itself. This way lockouts aren’t an issue.
In this case it was a credential stuffing attack against the live login form on the website based on the information released.