Ad Image File Exposes 300,000 Login Credentials


rootsweb-data-file-credentials-leak, a free genealogical community site and subsidiary server of Ancestry, announced over the weekend that a file containing emails and login credentials of 300,00 users had been exposed. An outside researcher discovered the leak and alerted the company on December 20.  

According to a blog post by Ancestry, the emails and passwords within the file were affiliated with a retired surname list service, and only 55,000 used the same credentials for Ancestry and At least 7,000 of the exposed login credentials were of active Ancestry users. While is a free service, Ancestry does charge for some services.

Ancestry stated that does not contain credit card or valuable personal information and that they do not believe that any other Ancestry server or website has been breached. They are currently working with law enforcement to uncover the source of the leak, and are reaching out to all affected customers. Customers whose login credentials were compromised will need to create new ones to use their accounts.

As of time of writing, is unavailable due to infrastructure upgrades. “As RootsWeb is a free and open community that has been largely built by its users, we may not be able to salvage everything as we work to resolve this issue and enhance the RootsWeb infrastructure” Ancestry stated in their post. 

Share This

Related Posts