The Daily Swig Web security digest

Ancestry.com reveals RootsWeb breach affecting 300,000 users

James Walker | 29 December 2017 at 11:36

Genealogical community taken offline as new security measures implemented.

An online family history community powered by Ancestry.com has been subject to a data breach that resulted in approximately 300,000 email and password combinations being leaked.

On December 20, Ancestry’s information security team received a message from a security researcher indicating that he had found a file containing emails, passwords, and usernames for the RootsWeb.com genealogical community.

RootsWeb is a free community-driven collection of tools that are used by some people to host and share genealogical information. Ancestry has been hosting dedicated RootsWeb servers on behalf of the community since 2000.

Following an investigation into the breach, Ancestry said it determined that the file was legitimate, although the majority of the information was old.

“Though the file contained 300,000 email/usernames and passwords, through our analysis we were able to determine that only approximately 55,000 of these were used both on RootsWeb and one of the Ancestry sites,” said Tony Blackham, chief information security officer at Ancestry.com.

The site has temporarily been taken offline, as the Ancestry team implements new security measures.

While RootsWeb does not host sensitive information such as credit card numbers or social security numbers, all impacted users have had their accounts locked and will need to create a new password the next time they visit.

“We are doing a deep analysis of RootsWeb, its design and how we might be able to help the community enhance the site and its services,” said Blackham. “It is our desire to continue to host these tools for the community with appropriate safeguards in place.”