23andMe blames data breach victims for hack

23andMe data breach affects millions in the UK: What to do next

According to reports, the data profiles of over four million people living in Great Britain and Germany was stolen in the 23andMe data breach and leaked on a notorious dark web forum. Hackers claim the breach involves some of the “wealthiest people living in the US and Western Europe”, including the British royal family. Affected 23andMe users are now risk of fraud, scams and ID theft.

What happened in the 23andMe data breach?

  • In October 2023, 23andMe warned its users about a cyberattack and urged them to change their passwords and enable multi-factor authentication on their 23andMe accounts.
  • The criminals used emails and passwords stolen in other breaches to login to the accounts of around 14,000 23andMe customers, before exploiting the company’s ‘DNA Relatives’ feature to access the data of around seven million people.
  • A hacker called ‘Golem’ claimed to have uploaded some of the stolen data for sale. They said the information contained “tailored ethnic groupings, individualized data sets, pinpointed origin estimations, haplogroup details, phenotype information, photographs, links to hundreds of potential relatives, and most crucially, raw data profiles”.

In June 2024, the Information Commissioner’s Office (ICO), which is the UK’s privacy watchdog, announced an investigation into the 23andMe data breach alongside its Canadian counterpart, the Office of the Privacy Commissioner of Canada (OPC). This is good news for victims if the breach as it will help to establish exactly what happened. However, even if found guilty, the ICO and OPC does not award compensation to data breach victims. The only way to get justice and compensation for the hack is to join a 23andMe lawsuit.

What should UK victims of the breach do now?

If you are affected by the 23andMe data breach, you should:

  • Change the password for your 23andMe account and any other accounts that share the same or similar passwords.
  • Enable multi-factor authentication on you 23andMe account and any other accounts that share the same or similar passwords.
  • Keep a close eye on your bank statements, credit reports, and any other accounts as a precaution.
  • Be cautious of phishing attempts and only trust information from reliable sources.
  • If you notice any suspicious activity or believe you may have been a victim of identity theft or fraud, report it to Action Fraud.
  • Keep your devices and software up to date with the latest security patches and updates.

Join a 23andMe lawsuit

23andMe has written to all affected users. If you have received this notification, you could qualify to join a no-win, no-fee 23andMe data breach claim. Our simple eligibility checker provides instant clarity.

Check Your Eligibility

Found this helpful? Share it

Facebook
Twitter
WhatsApp
LinkedIn
Email

Or

You may also like:

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.

Asda equal pay claim: Can store workers fight for fair wages?

Asda store workers may be underpaid. Check if you qualify for an equal pay claim and take action to seek the compensation you deserve.

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.

You might also like

See more resources

Several bottles of Johnson's baby powder on a store shelf, symbolising the Johnson and Johnson talc lawsuit over alleged asbestos contamination and cancer risks.
  • Health & Medical, News

Johnson & Johnson talc lawsuit in the UK: What you need to know

A UK lawsuit claims Johnson & Johnson’s talc products cause cancer. Learn about the case,...
Low-angle view of people walking in a city, symbolising unity and collective action, related to key facts about group litigation for seeking justice.
  • News

10 must-know facts about group litigation for first-time claimants

Discover 10 essential facts about group litigation for first-time claimants. Learn how joining a group...
  • News, Travel

How to claim compensation for flight delays or cancellations in the UK

Delayed 3+ hours or had a cancelled flight? You could claim up to £520 under...

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a registered trading name of Big on Media ltd. Big on Media is registered in the United Kingdom under licence number 09878028 with its registered office located at Big on Media, 6 Sunderland Street, Tickhill, Doncaster, DN11 9QJ

© Join the Claim All Rights Reserved | 2025

Go to claims