Chestertons data breach

What happened in the Chestertons data breach?

Personal details exposed. Customers left in the dark. Here's what you need to know.

In January 2023, estate agency Chestertons was hit by a serious cyberattack. Hackers managed to get into the company’s systems and walk away with a significant haul of sensitive personal information.

The breach wasn’t made public straight away. In fact, by the time Chestertons had discovered what happened, the stolen data was already being shared online. That means cybercriminals may have had access to private customer details, including names, addresses, ID documents and even bank information, before anyone was made aware.

So how did the Chestertons estate agency hack happen?

The attack is believed to have taken place in late 2022, with some of the stolen data dated as far back as November. It wasn’t until 11 January 2023 that Chestertons confirmed the breach. Worrying, according to some data breach experts, many of those affected still haven’t received data breach notification letters.

If you’ve ever bought, sold, rented or enquired about a property with Chestertons, your data might have been affected. And if so, you could be entitled to compensation.

How serious was the Chestertons data breach?

What makes this breach particularly serious is the nature of the data that was stolen. We’re not just talking about email addresses. Reports suggest that passport information and bank details were accessed.

In the wrong hands, this kind of information is enough to apply for loans, open bank accounts, or trick people into handing over even more personal data. The fallout from a breach like this can last for years.

Who might be affected?

You don’t need to be a current Chestertons customer to be caught up in this breach. In fact, many people who interacted with the estate agent months, or even years, ago could be affected.

That includes: 

  • Current and former tenants and landlords 
  • People who bought or sold a property through Chestertons 
  • Anyone who arranged a viewing or made an enquiry 
  • Individuals who submitted ID documents or payment details for referencing. 

If you shared your information with Chestertons at any point, it’s possible your data was stored and later compromised.  

Think you might be affected by the Chestertons data breach?

Under UK data protection law, companies like Chestertons have a legal duty to keep your personal information safe. When they fail to do that, and your data ends up in the wrong hands, you have the right to seek compensation. 

Find out more

Join the Claim connects consumers with SRA-regulated lawyers. Visit the claim page to check your eligibility if a claim is open with one of our trusted legal partners. If a group action has not yet been launched, you can register your interest and we’ll keep you informed if a partner firm decides to take a claim forward.  

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

women travelers,waiting at train station journey,with luggage and large backpacks
Interrail data breach: why some travellers are being told to replace passports
Over 300,000 Interrail travellers had personal data exposed in a cyber incident. Some are now being advised to replace passports.
technician of health with blood tubes in the clinical lab for analytical / hand of doctor holding blood sample in tube test for analysis in laboratory
Nearly 200 Biobank data incidents raise concern as more private health records found online
UK Biobank data has reportedly been leaked nearly 200 times in a year. Here’s what it means for participants.
April calendar 2026 with Join the claim logo
What we’ve been working on at Join the Claim in April
A round-up of what we’ve been working on in April at Join the Claim, including new claims to watch, legal developments and practical consumer guides.
Warning road sign against a stormy sky saying Scam Alert
Scam alert update: April 2026
Stay alert this April with the latest scam warnings from Join the Claim
Smartphone on surface showing Google Play logo. Google Play is an app store.
What the Google Play Store claim means for UK users
Used the Google Play Store on an Android device between 2015 and 2024? Here’s what the UK claim against Google means for you.
Diagonal test tubes with blood with blue lids ready for test. Concept of medicine and science. 3d rendering
UK Biobank breach: can anonymised health data be traced back to you?
 UK Biobank says the leaked data was anonymised — but experts warn it may still be identifiable. Here’s why that matters.
A scientist in a white lab coat looks through a microscope in a laboratory. Another person is seen working in the background. The scene shows a busy research environment with equipment.
UK Biobank data listed for sale: what happened and what it means
 Health data from 500,000 UK Biobank participants was listed for sale online. Here’s what was exposed, what wasn’t, and why it matters.
Woman using Booking.com app
Booking.com scams explained: what “reservation hijacking” means for travellers
  A data breach at Booking.com is now being linked to a rise in so-called “reservation hijacking” scams. Here’s how to protect yourself.
employee and colleagues brainstorming how to fix employee data breach affecting systems
Employee data breaches are rising: what it means for your data
Employee data breaches are increasing across the UK. Here’s what’s happening & what it means for your personal information.
Man using smartphone to cancel subscription on digital app interface. Unsubscribe from online service membership or payment plan.
New laws will make it easier to cancel subscriptions and get refunds
New UK laws will make it easier to cancel subscriptions and get refunds. Here’s how subscription traps are being tackled.
AI concept Artificial Intelligence technology circuit motherboard chip computer
The dangers of AI: what consumers need to know
From data misuse and deepfakes to harmful content and bias, learn how AI can go wrong and what it means for your rights in the UK.
woman use booking app, booking com logo on the screen
Booking.com data breach: what travellers need to know
Booking.com has confirmed a data breach affecting customer booking details. Here’s how to protect yourself.
What claims should be on your radar in April 2026?
Several major compensation claims are developing in the UK this spring, including cases involving Apple, Amazon, Steam and major data breaches.
Rightmove website on the display of PC
Rightmove £1.5bn claim filed: what estate agents need to know
A £1.5bn legal claim has been filed against Rightmove, accusing the property giant of charging excessive fees to estate agents. Here’s what’s happening and what it could mean.
Hands, phone and person in home with scrolling, social media
Meta blocks ads linked to social media addiction lawsuits
Meta has removed adverts from law firms seeking clients for social media addiction lawsuits, following recent legal setbacks in the US.
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.

© Join the Claim All Rights Reserved |

2026
Go to claims