Make A Payment
Client Portal
Contact us
Contact us

Who Owns Your DNA Now? 23andMe’s Bankruptcy Raises Privacy Concerns

CYBERSECURITY
BY DANIEL HOOVEN
Share with a colleague Download PDF

What does 23andMe’s bankruptcy and potential sale mean for your genetic data?

23andMe was once a leading genetic testing company, offering personalized reports on ancestry, traits and genetic predispositions to diseases. Users simply created an account, provided a saliva sample and awaited their analysis and report.

The service quickly gained popularity, with countless stories of users discovering long-lost relatives, adopted children reconnecting with biological parents and law enforcement even using it in the high profile Golden State Killer case in 2018.

Despite accumulating an estimated 15 million users and reaching a $6 billion valuation after going public, 23andMe has now filed for Chapter 11 bankruptcy. The company has been authorized to seek a buyer, including one for all of its assets—most notably, its vast genetic database.

In a press release regarding the bankruptcy, 23andMe stated that its data storage and protection policies remain unchanged and assured users that any potential buyer must comply with applicable privacy laws.

“We are committed to continuing to safeguard customer data and being transparent about the management of user data going forward, and data privacy will be an important consideration in any potential transaction.”

How to Delete Your 23andMe Data

Despite the press release, many users are skeptical and have opted to delete their data from the website—which caused the website to temporarily crash due to volume shortly after the bankruptcy and sale announcement. For those concerned about their privacy, follow these steps to request the deletion of your 23andMe data:

  • Log in to your account and go to “Settings”.
  • Scroll to the bottom of the page, select “23andMe Data”, then click “View” to download a copy of your genetic information.
  • Choose “Delete Data” and confirm by selecting “Permanently Delete Data.”
  • In “Settings,” you can also request the destruction of your genetic material.
  • Navigate to the “Research and Product Consents” section and revoke permission for your genetic data to be used in research projects. (This applies only to future research.)

Like many online services, 23andMe makes data deletion more complex than expected and may require additional verification before processing your request. To complete the process, you must follow the instructions in their confirmation email. If you run into any issues, the company suggests reaching out to [email protected] for support.

It is important to note that the full ability to delete your data may not be as straightforward based on their terms of service, which states:

“Your sample is processed in an irreversible manner and cannot be returned to you. Any information derived from your sample remains subject to rights we retain as set forth in these Terms.”

Adding another layer of complexity, your state of residence may impact your data privacy, as consumer protection laws vary by state and may not uniformly apply to 23andMe.

What’s Next for 23andMe Users?

As a 23andMe user myself, I weighed the risks of sharing my genetic information in exchange for analysis, reports and access to their database. For me, the benefits, particularly as an adoptee searching for biological relatives, far outweighed the risks. However, the thought of what might happen if the company were sold never crossed my mind.

The reality is that, despite all the speculation about the future of genetic data in the event of a sale, no one truly knows what will happen until it unfolds. This uncertainty serves as a stark reminder to carefully read the terms and conditions before signing up for any online service that asks for personal data.

While 23andMe continues to offer vague assurances, the truth is that the level of data privacy will ultimately depend on who acquires the company and what their intentions are moving forward.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

To learn more, visit our dedicated Cybersecurity page.

Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.

Related Posts

Share

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should not be relied upon when coordinated with individual professional advice.

© 2025 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

Our Thoughts On

Get the weekly newsletter with our most recent columns and relevant insights to you.

Subscribe for Updates
Most Recent

Your ERISA Audit Is Around the Corner – Are You Ready?

By

Much like going to the dentist, preparing for your ERISA audit may not be the most exciting to-do on your ...

Read More
Most Popular

Your ERISA Audit Is Around the Corner – Are You Ready?

By

Much like going to the dentist, preparing for your ERISA audit may not be the most exciting to-do on your ...

Read More

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.
Ask Us
Subscribe For Updates
Receive all the latest insights and industry tips.  

Email us: [email protected]

Follow Us:
Facebook-f Linkedin-in

Office Locations

Pittsburgh

One PPG Place,
Suite 1700
Pittsburgh, PA 15222

p:
412.261.3644
f:
412.261.4876
Columbus

65 East State Street,
Suite 2000
Columbus, OH 43215

p:
614.621.4060
f:
614.621.4062
Metropolitan Washington

1660 International Drive,
Suite 600
McLean, VA 22102

p:
571.380.9003

Links

Inside Public Accounting Best of the Best 2024
Accounting Today Top 100 2024
Accounting Today Regional Leaders
Best Of Accounting Diamond Award

Schneider Downs is a Top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and consulting services to public and private companies, not-for-profit organizations and global companies. We also offer risk advisory, transaction advisory, digital consulting, wealth management, retirement plan solutions and investment banking services. Schneider Downs serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), metropolitan Washington (DC) and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH, and McLean, VA.

© 2024 Schneider Downs & Co., Inc. Maryland license number 35239.

close menu icon

Stay Connected and Subscribe for Exclusive Updates

Receive all the latest insights, expert analysis, and valuable industry tips to help you stay ahead in your field.

Subscribe

Breached?

Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.