[Important] Ancestry / RootsWeb users - security breach

Discussion in 'General Chatter' started by oman, Dec 24, 2017.

  1. oman

    oman Aussie Admin Staff Member

    Offline
    Messages:
    44
    Likes Received:
    1,504
    Location:
    Sydney, Australia
    Code:
    https://blogs.ancestry.com/ancestry/2017/12/23/rootsweb-security-update/
    Please have a read of the above blog post if you are a past or current user of Ancestry and / or RootsWeb. I was browsing Twitter and it came up - I thought it would be relevant to you.

    Main take outs:
    • Don't reuse passwords (Don't use the same password on multiple sites)
    • Don't be surprised if your Ancestry account requires a password reset next time you log in - they are doing this for your security. Set a password different from your old one.
    • If you are using the same password on multiple sites, it's a good new year's resolution to rectify this and set a different password for each site you are a member of.
    Additional resources:

    Code:
    https://haveibeenpwned.com/
    A site that can be used to check if your email has been caught up in any data breaches. Enter your email. If any sites come up as Pwned, change your password on those sites.

    Code:
    https://haveibeenpwned.com/Passwords
    A site that can be used to check if your passwords have previously been involved in a data breach. If you see 'Pwned', change that password to something else on the site you've used it.
     
  2. Daft Bat

    Daft Bat Administrator. Chief cook & bottle washer! Staff Member

    Online
    Messages:
    6,447
    Likes Received:
    25,028
    Location:
    Northamptonshire, England.
  3. Sis

    Sis Rootles out resources!

    Offline
    Messages:
    4,235
    Likes Received:
    16,096
    Location:
    Beckenham, Western Australia
    Thanks @oman. Merry Christmas. :)
     
  4. Ma-dotcom

    Ma-dotcom A Bonza Little Digger!

    Offline
    Messages:
    6,813
    Likes Received:
    17,721
    Location:
    South Australia
    Thanks @oman, nice to get a clean slate. ;)
     
  5. GJH

    GJH Well-Known Member

    Offline
    Messages:
    45
    Likes Received:
    277
    Location:
    Teesside
    It tells me my address has been "Pwned on 1 breached site" but gives no indication of which site it is - which is worse than useless.
    I do note, though, that it then invites subscription - sneaky way to collect e-mail addresses?
     
  6. Ma-dotcom

    Ma-dotcom A Bonza Little Digger!

    Does that mean you use same password on more than one site?
     
  7. GJH

    GJH Well-Known Member

    No. I use different passwords on different sites. The "pwned" message relates to the e-mail address though, not the password.
    Obviously, like most people, I use the same e-mail address on different sites but the message gives no indication as to which of those sites was, allegedly, involved.
    If the software is able to identify a compromised site then what valid reason is there for not including the name of the site in the response?
     
  8. Ma-dotcom

    Ma-dotcom A Bonza Little Digger!

    Oh dang, just went there again & am told "no pawnage found." clicked-notify me when I get pawned.
    Open email & guess what?
    'Oh no — pwned!
    Pwned on 3 breached sites and found 1 paste
    Anti Public Combo List (unverified): In December 2016,
    Exploit.In (unverified): In late 2016,
    Onliner Spambot: In August 2017
    Pastes you were found in:siph0n.in Unknown 8,769 "

    All on a dark red background. Gonna stop reading unjoyful tidings. So dislike red in large portions.
     
  9. oman

    oman Aussie Admin Staff Member

    Essentially the site tells you whether an account under your email was caught up in a breach (or multiple).

    Different sites have these security issues at different times. It’s just good to keep things under control.

    By posting it, I’m definitely not trying to scare you but it’s quite a widely known tool.

    The site covers both emails and passwords as normally when security breaches like these happen it can include one or the other (or both).

    @GJH if you would like to screenshot what you got and send it through to me in a PM I can try and help decipher what it is saying.

    The email alert is optional. Even if you put your email in, you would still need to confirm the subscription via your inbox (I tested it myself)
     
  10. GJH

    GJH Well-Known Member

    I don't have a problem with what the screen says oman but what it doesn't say (i.e. which web site I am registered with has supposedly had e-mail address/password lists (including mine) hacked) :) I also appreciate you are not trying to scare anyone :)

    The only reference the site makes is to a spambot called Onliner Spambot being identified in August. It infers (by omission) that the spam list created by a spambot must result from one or more breaches and ignores the fact that spambots harvest addresses from sources like mailto links (which I have and understand the spam risk of having) and forums/mailing lists which publish user addresses.
     
