> “Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures”
In all honesty, you can hardly make this claim unless they properly communicated and mandated (at least in writing, since I can't imagine how it could be actually enforced) that users chose/pick passwords different from other platforms. Or at the least enforce an aggressive password change schedule, etc...
>at least in writing, since I can't imagine how it could be actually enforced
You can check passwords against known-compromised lists and then tell the user "sorry, please use a different password". This is something that is a recommended best practice, and has been for at least a few years.
>Or at the least enforce an aggressive password change schedule
This has been explicitly not recommended since at least 2016 by NIST. Research has shown this leads to password fatigue, which results in weaker passwords that are just iterated on (password1 -> password2 -> password3).
Let's not fall for 23andMe's attempts at victim blaming. They offered the service, and they failed to implement to reasonable security practices. Their process allowed users to pick "obviously" flawed passwords. Well, those passwords weren't obviously flawed enough to bar their use, but obvious enough to blame users afterwards.... yeah that's BS.
And even commercial broadband services.... In full disclosure I worked as a supplier to implement MPTCP on the CPE for BT at the launch of their service (time marker 1:48 starting point) : https://youtu.be/eMKAFWy6940
For those experts in the field, curious how this study relates to this one : https://psycnet.apa.org/record/2011-17952-001 , I'm absolutely no expert in any of this, but I am bilingual and did encourage my kids to explore and learn new language(s).
That was exactly my thinking actually..... I own an equestrian property as a hobby, I need a big diesel truck (1 ton) to haul horses, hay, tractor, etc... Sometimes for very long distances (>1000kms) for shows, etc... There are no viable options today, or in the near (10-15 years) future that offer viable alternatives in the form of an EV... at least not from traditional HD truck vendors.....
