Ancestry Details

    Organization Logo

    Ancestry

    Lehi, Utah employees • Technology

    Industry

    Technology

    Security Incidents

    1

    Ancestry.com LLC is an American genealogy company based in Lehi, Utah. The largest for-profit genealogy company in the world, it operates a network of genealogical, historical records, and related genetic genealogy websites.

    Security Incidents

    Ancestry Breach of Dec 2023
    Severity Score
    Significant

    Type

    Unknown

    Summary

    In December 2023, Ancestry experienced a cyber security incident where hackers, using old passwords from customers of the genetic testing company 23andMe, gained access to personal information from about 6.9 million profiles. The breach exposed data such as ancestry trees, birth years, geographic locations, and DNA-related information. The threat actor was able to breach about 14,000 profiles initially, which accounted for 0.1% of 23andMe's user accounts. The hackers accessed information from 5.5 million DNA Relatives profiles, including display names, DNA shared percentages, and predicted rel...
    Show more

    Severity

    The Ancestry cyber security incident in December 2023 was severe as hackers accessed data belonging to 6.9 million users, with a very small percentage of user accounts (0.1%) being compromised, totaling roughly 14,000 accounts. The attackers collected personal data from about 5.5 million people who had opted in to DNA Relatives, exposing sensitive information like names, birth years, relationship labels, DNA shared with relatives, ancestry reports, and self-reported locations.

    Impact

    The breach impacted a significant number of users, with hackers accessing a large amount of profile information about users' ancestry shared through 23andMe's DNA Relatives feature. The leaked data included ancestry information, health-related information based on genetics, and personal details of millions of users, potentially leading to privacy concerns and risks of identity theft for those affected.