Ancestry takes security seriously. We maintain a dedicated team of highly skilled individuals that strive to protect your data and assets with industry standard tools and practices. We recognize that security researchers may identify potential vulnerabilities or security issues on one of our sites. If you believe you have found a vulnerability or security issue on one of our sites including: www.ancestry.com; www.newspapers.com; www.findagrave.com; www.weremember.com; www.memoriams.com; www.archives.com; www.fold3.com; www.progenealogists.com; or www.rootsweb.com, we encourage you to notify us using the instructions below. If you follow all of these instructions, Ancestry and its affiliates will not initiate legal action against you so long as you have not previously done anything that would violate these instructions.
1. If you believe you have identified a vulnerability on one of Ancestry’s sites we ask you to provide us with the following details. Provide the following details to firstname.lastname@example.org.
- A brief description of the vulnerability with any details that would help us replicate the issue; and
- Your contact details so we can contact you with any questions.
2. Do not disclose the vulnerability or security issue to any third party while Ancestry is performing its evaluation of your disclosure.
3. Do not attempt, or enable others to attempt, to exploit the issue or to interact with any user account or data that is not your own.
Ancestry will promptly review vulnerabilities reported according to these guidelines. We will contact you if we have further questions. Ancestry appreciates your patience and cooperation as we work to evaluate and remediate reported issues.