Ancestry Details

Ancestry

Lehi, Utah • employees • Technology

Industry

Technology

Security Incidents

Ancestry.com LLC is an American genealogy company based in Lehi, Utah. The largest for-profit genealogy company in the world, it operates a network of genealogical, historical records, and related genetic genealogy websites.

Security Incidents

Ancestry Breach of Dec 2023

Severity Score

Significant

Type

Unknown

Summary

In December 2023, Ancestry experienced a cyber security incident where hackers, using old passwords from customers of the genetic testing company 23andMe, gained access to personal information from about 6.9 million profiles. The breach exposed data such as ancestry trees, birth years, geographic locations, and DNA-related information. The threat actor was able to breach about 14,000 profiles initially, which accounted for 0.1% of 23andMe's user accounts. The hackers accessed information from 5.5 million DNA Relatives profiles, including display names, DNA shared percentages, and predicted rel...
Show more

Severity

The Ancestry cyber security incident in December 2023 was severe as hackers accessed data belonging to 6.9 million users, with a very small percentage of user accounts (0.1%) being compromised, totaling roughly 14,000 accounts. The attackers collected personal data from about 5.5 million people who had opted in to DNA Relatives, exposing sensitive information like names, birth years, relationship labels, DNA shared with relatives, ancestry reports, and self-reported locations.

Impact

The breach impacted a significant number of users, with hackers accessing a large amount of profile information about users' ancestry shared through 23andMe's DNA Relatives feature. The leaked data included ancestry information, health-related information based on genetics, and personal details of millions of users, potentially leading to privacy concerns and risks of identity theft for those affected.