Close this search box.

Privacy watchdog to investigate 23andMe: what does this mean for data breach victims?

The UK’s Information Commissioner’s Office (ICO) will investigate 23andMe over its recent data breach. This means the data watchdog thinks the genetic testing company has questions to answer over how it handled its customer’s private data.  

The investigation is good news for people who have joined a legal action against 23andMe, as it will help establish exactly what happened.

What do we know about the 23andMe data breach?

In October 2023, hackers accessed the accounts of around 14,000 23andMe customers.` Here’s what we know so far:  

  • The criminals used emails and passwords stolen in other breaches to login to the accounts of some 23andMe customers 
  • The security failure exposed a range of sensitive data 
  • 23andMe has a feature called ‘DNA Relatives’ that lets people share data with users they are related to. The hackers exploited this to access the data of around seven million people. 

The ICO will work alongside its Canadian counterpart, the Office of the Privacy Commissioner of Canada (OPC). Together, they will look at: 

  • The scope of information that was exposed by the breach 
  • The potential harm to affected people 
  • Whether 23andMe had adequate safeguards to protect the highly sensitive information within its control 
  • Whether the company provided adequate notification about the breach to the two regulators and affected people as required under Canadian and UK data protection laws. 

Are you affected by the 23andMe data hack? 

Millions of people are affected by the 23andMe data breach, including many in the UK. However, while the joint investigation is welcome, even if found guilty, the ICO and OPC does not award compensation to data breach victims.  

The only way to get justice and compensation for the hack is make a lawsuit against 23andMe – but you don’t have to do it alone. We’re helping victims of this cyberattack come together and fight as one by joining a group action claim.  

Could you qualify to join a no-win, no-fee 23andMe group action claim?  

Our simple eligibility checker provides instant clarity. Answer a few straightforward questions, and you’ll know if you could qualify for a 23andMe data breach group action claim. 

Stay informed about compensation
YOU could be entitled to!

Subscribe to our newsletter and get breaking news on the latest consumer injustices and group claims.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like:

In January 2024, the High Court ruled that drivers could sue BMW for fitting some diesel vehicles with devices that tricked emissions tests. The illegal devices made it seem like BMW’s diesel cars were less-polluting than they actually were.
The Equal Pay Act protects employees from unfair discrimination in the workplace. The law states that both men and women should be paid equally where they are doing the same job (or one of equal value). This means companies can't treat you differently based on your gender when it comes to pay.
After a cyberattack in March 2023, pension holders across the UK had their data stolen. In the wake of this breach, law firms are rallying to help those affected. Their mission: to pursue justice and secure compensation for victims of the Capita data breach.