As you may have heard, on Sunday, March 23, 2025, 23andMe entered a voluntary restructuring under Chapter 11 of the United States bankruptcy code. Simultaneously, Anne Wojcicki resigned as CEO.
Predictably, the media had a field day with this story, stoking panic and urging users to delete their data. Muckraking news outlets even falsely claimed that the Attorney General of the State of California told users to do just that.
This is simply not true. You can read AG Rob Bonta’s statement for yourself here. Rather, he “reminds Californians of their right to direct the deletion of their genetic data under the Genetic Information Privacy Act (GIPA) and California Consumer Privacy Act (CCPA). Californians who want to invoke these rights can do so by going to 23andMe’s website.” He’s not warning anyone to do anything; he’s reminding us of our legal rights. It’s up to us to decide whether to exercise them.
Many friends, clients, and readers have reached out to me privately to ask for advice. Ultimately, it depends on your comfort level with uncertainty, but here’s my thinking:
- I am not deleting my kits. At least not yet. I’ll let you know if I do.
- Under California law, we’ll still have the right to delete our kits a week or a month or a year from now, so I’m not going to make any rash decisions.
- 23andMe’s Chapter 11 restructuring was voluntary, not forced. That’s a good thing. We know the company is in financial trouble, not least because of an attack in 2023, but not so much trouble that it’s shutting down. Instead, it’s restructuring and looking for a buyer to continue its mission.
- As 23andMe themselves say in an open letter to the community, the company continues to operate as normal—with the same user access and privacy protections as before—while it looks for a buyer.
- Anne Wojcicki resigned so that she can bid to buy 23andMe herself. She co-founded the company and hasn’t given up on it.
- 23andMe was a Gold Sponsor at RootsTech 2025 in early March. Not only have they not abandoned the genealogy community, they announced new features, like updated diasporic genetic groups, historical matches, records and archives hints, and (to come) ancestry reconstruction.
- Lest we forget, 23andMe is the only major DNA database that hasn’t been sold at some point. Ancestry was purchased by the Blackstone Group in 2020, and the world did not end. Nor did it end in 2021, when MyHeritage was acquired by Francisco Partners and FamilyTreeDNA by myDNA. GEDmatch has been sold twice: to Verogen in 2019 and again (as a subsidiary of Verogen) to Qiagen in 2023.
- Most importantly, everything that happens from here on out will be supervised by a US Bankruptcy Court. We’re not going to wake up tomorrow to find out that our data is owned by an offshore shell corporation for space aliens wanting to clone us.
That said, if you want to delete your data, that’s your choice entirely. The California AG’s statement explains how. Be sure to download your raw data first and store it in a secure place for future use.
You can also gather your match data using a third party tool like DNAGedcom for only $5/month.
Many users will upload their raw data to other sites, like MyHeritage, FamilyTreeDNA, and GEDmatch. However, they should be aware that US federal agents operate in those sites, often against Terms of Service and user consent restrictions. It’s highly likely that agents of other governments and entities are doing the same.
In summary, this is a time to stay calm, take stock of what’s happening, and make measured decisions once we have more information.
I agree completely with almost everything you said here. I might take issue with the statement, “… they not abandoned the genealogy community…” I felt that in the wake of the data breach, it appeared the “legal department” bullied its way into the picture and forced them to disable many features that were critical to the genealogy community. From my perspective, much of that action wasn’t necessary and amounted to a major affront to the genealogy community.
I’m still keeping all kits I control in their system, but I sure felt abandoned when key features were disabled. If they want to show support for the genealogy community, they need to show that support.
Unfortunately, the chromosome browser was the main weakness allowing the attacker to scrape so much personal genetic information. I wasn’t hacked myself, but any health markers I share with someone who *was* hacked is now out there.
Thank you for this Leah!
I’ve been patient with a wait and see attitude, for you and other respected geneologists to chime in officially. Although I have seen some of your comments on FB group(s) and those comments absolutely support what you’ve just posted…and fully support
my position.
I think alot of people don’t understand how that data breech came about and now they see the Chapter 11 filing and think the company is bad. It is not. I’m on all the platforms(and subscribe to your tools as well). Every single DNA platform has been super helpful in many of my projects, both family tree building and very successful unknown parentage searches…Ancestry was enough…it took “a village”!
As for that breech, that could’ve happened to any of the sites. I for one, changed all my cross platform passwords and thankfully, although irritating, they’ve all moved to 2 factor authentication.
I am leaving all of my 23andme tests and accounts intact until I see real reason to delete them. Sad though that I’ve seen some of my “relatives” have left as they don’t feel as safe.
Thank you for your comment. I waited to post because I wanted time to mull things. Unfortunately, that left time for the fear mongers to get traction.
Yeah, that makes sense. Fear mongers just can’t sit back and wait for all the information.
You cannot be blamed for that! Keep on doing what you’re doing, Leah. So appreciate it. 🙂
I meant to say “Ancestry was NOT enough” [to solve my projects…]!