In October 2024, 23andMe experienced a significant security breach, compromising the personal data of approximately 5.5 million customers. By March 2025, the company filed for bankruptcy and initiated a sale process to maximize its business value. 23andMe’s business model involves analyzing saliva samples to provide personalized genetic reports on health and ancestry. Amidst the uncertainty of potential new ownership, privacy advocates have urged users to delete their data. Deleting data from 23andMe is permanent, but some information, including genetic data, date of birth, and sex, is retained for legal compliance. Data used in ongoing or completed research projects cannot be removed. Despite these challenges, 23andMe maintains strong privacy protections and does not share customer data without consent. The company has successfully resisted law enforcement requests for customer information. Users can opt to destroy their saliva samples during account deletion, and some choose to upload their data to other DNA testing sites like FamilyTreeDNA and MyHeritage for genealogical research, though this carries privacy risks.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
