Millions of Americans are exploring genealogy, uploading birthdates, maiden names, and family connections to popular platforms. While the hobby offers personal discovery, it also exposes sensitive data to cybercriminals.
These details-often shared publicly-are harvested by data brokers and exploited in targeted scams. Security questions like 'mother’s maiden name' or 'birth city' are easily answered using open family trees.
Scammers use this information for impersonation attacks, especially against elderly relatives, and can map entire family networks for phishing campaigns. The 2026 collapse of 23andMe highlighted how genetic and ancestral data may persist long after a company fails.
Even private trees aren't fully secure-relatives’ public posts, obituaries, and data scraping spread information across the web. Experts urge caution: limit sharing, avoid posting full dates and addresses, and monitor data broker sites.
Proactive data removal services can help erase personal information from people-search databases, reducing exposure over time.