Consumer DNA testing company 23andMe is circling the drain. The company's CEO, Anne Wojcicki, plans to take the company private, leading to the departure of all board members except herself. This, coupled with a major security breach in October 2023 affecting 5.5 million customers, has privacy advocates urging customers to delete their data from the site immediately.
As reported by MIT Technology Review, the uncertainty surrounding 23andMe's future ownership has made the situation especially dire from a privacy perspective. Jason Kelley, activism director at the Electronic Frontier Foundation, warns: "Customers should consider current threats to their privacy as well as threats that may exist in the future—some of which may be magnified if 23AndMe were sold to a new owner. 23AndMe has protections around much of this. But a potential sale could put your data in the hands of a far less scrupulous company."
Despite being hacked, 23andMe claims to have strong customer privacy protections and says it does not share data without consent. If you are a 23andMe customer and want to zap your data, MIT Technology Review shares the process, which involves logging into your account, navigating to settings, and selecting "Permanently delete data." However, the company will retain some genetic information, date of birth, and sex to comply with legal obligations. Additionally, data already used in research projects cannot be removed from ongoing or completed studies. In other words, once your DNA is out of the saliva sample tube, there's no real way to put it back.
Previously:
• 23andme's prospects for survival dim
• 23andMe to hacking victims: it's your fault because you reused passwords
• 23andMe to sell DNA records to drug company
• DNA database 23andMe admits 6.9m users hacked