← View All Articles

  • September 10, 2025

23andMe Files for Bankruptcy: A Critical Wake-Up Call for Your Genetic Privacy

Your DNA is now on the block: What 23andMe’s bankruptcy means for your most personal data.

The news that 23andMe, the pioneering direct-to-consumer genetic testing company, is reportedly filing for bankruptcy has sent ripples of concern through its user base. For millions who’ve submitted their DNA for analysis, this development isn’t just about a company’s financial struggles; it raises urgent questions about the long-term security and privacy of their most personal data: their genetic code.

What is 23andMe?

Founded in 2006, 23andMe quickly became a household name by offering at-home DNA testing kits. Users would simply provide a saliva sample, send it in, and receive detailed reports on their ancestry, genetic predispositions to certain health conditions, and even traits. The company positioned itself as a bridge between individuals and their genetic insights, empowering people to understand their heritage and potential health risks. With millions of users worldwide, 23andMe amassed one of the largest genetic databases globally.

The Bankruptcy Filing: What It Means

While the exact details of the bankruptcy proceedings are still emerging, the fundamental concern for its 15 million-plus users revolves around the fate of their highly sensitive genetic data. In bankruptcy, a company’s assets – which in this case critically include its vast database of genetic information – are typically subject to sale or transfer to pay off creditors.

This situation presents a unique and alarming privacy risk:

  • Data Sale to Unknown Entities: There’s a significant risk that 23andMe’s genetic database could be sold to another company or entity as part of the bankruptcy liquidation. This new owner might have entirely different privacy policies, business models, or even intentions that diverge from what users originally agreed to.
  • Lack of Control: Once the data is transferred, users may lose any meaningful control over who possesses their genetic information and how it’s used, shared, or potentially exploited.
  • Irreversible Nature of Genetic Data: Unlike a credit card number that can be changed, your DNA is immutable. Once compromised or acquired, its privacy is permanently at risk. This data can reveal not only your own predispositions but also information about your blood relatives, potentially impacting family members who never even used the service.
  • Potential for Misuse: In the wrong hands, genetic data could be used for discriminatory purposes (e.g., by insurance companies or employers), targeted advertising based on health risks, or even identity theft of a profoundly personal nature.

Protecting Your Genetic Privacy: Steps to Take Now

If you are a 23andMe user, or have used any direct-to-consumer genetic testing service, it is crucial to take proactive steps to protect your sensitive information:

  1. Delete Your Data from 23andMe’s Servers (If Possible):
    • Log into your 23andMe account.
    • Navigate to your account settings and look for options related to “Data Management,” “Privacy,” or “Account Deletion.”
    • Follow the instructions to initiate the deletion of your genetic data and raw data files. Be aware that this process can take time (sometimes up to 30 days) and may require a specific request via customer service.
    • Important Note: Confirm what exactly is being deleted. Some companies retain aggregated or de-identified data even after individual deletion requests. Review their privacy policy regarding deletion thoroughly.
  2. Review 23andMe’s Privacy Policy and Terms of Service:
    • Familiarize yourself with what their policies say regarding data ownership, transfer, and deletion, especially in scenarios like bankruptcy. This will help you understand your rights and the company’s obligations.
  3. Download Your Raw Data (With Caution):
    • Many services allow you to download your raw genetic data. If you wish to retain a copy, do so. However, be extremely careful where you store this file. Treat it with the same level of security as your most sensitive financial documents. Do not upload it to unknown third-party services.
  4. Be Wary of Future Genetic Testing Services:
    • This incident serves as a stark reminder to thoroughly vet any company you consider for genetic testing.
    • Read their privacy policies carefully, paying close attention to data ownership, sharing practices, data security measures, and what happens to your data if the company goes out of business.
    • Consider if the insights offered truly outweigh the inherent privacy risks.
  5. Stay Informed:
    • Keep an eye on news updates regarding 23andMe’s bankruptcy proceedings. This will provide clarity on the legal fate of their assets, including user data.

The bankruptcy of 23andMe is a significant event that highlights the evolving landscape of digital privacy, particularly concerning highly sensitive genetic information. For users, swift and informed action is key to mitigating potential risks and safeguarding their most personal data for the future.

  • We can help you become FADP compliant!

Expert Guidance, Affordable Solutions, and a Seamless Path to Compliance

Get in contact

What do you think?

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Insights

  • Related Articles
How Agentic AI is going to disrupt retail and SME banking
AI agents make financial decisions for users, optimizing for outcomes rather than brand loyalty.
The DPO’s Central Role in DSAR Handling: A Guide to Data Access Compliance
A strong DPO is a strategic asset, safeguarding your organization from fines and building trust
The Indispensable Role of an EU Representative: Why Non-EU Companies Need This Service for GDPR Compliance
Is your non-EU company engaging with the European market? Understanding GDPR is crucial, and for