When 23andMe launched, it promised customers insight into their ancestry and health risks in exchange for a simple saliva sample. At its peak, the company had over 15 million users and a market valuation north of $6 billion. But as of March 2025, it has filed for Chapter 11 bankruptcy—a sharp downfall that underscores a broader reckoning with how personal health data, especially genetic information, is stored, used, and protected.
The official reason for the bankruptcy filing was to “facilitate a sale process to maximize the value of its business,” according to a statement from the company. Anne Wojcicki, co-founder and now-former CEO, stepped down to position herself as an independent bidder in that sale. Wojcicki, who owns 49% of the voting shares, expressed disappointment that her earlier bid to take the company private was rejected.
But beneath the financial woes lies a deeper trust issue. In 2023, hackers gained access to nearly 7 million profiles, specifically targeting Jewish and Chinese users. The breach raised alarm bells about how 23andMe secures genetic data—an intensely personal form of information that, unlike a credit card number, can’t simply be changed. A class-action lawsuit followed, accusing the company of failing to properly notify affected users.
Despite public assurances that it would strengthen data protections, the fallout was significant. Revenues declined by 7% in the most recent fiscal year, with a net loss of $174 million. Sales of DNA testing kits dropped, and in September 2024, seven members of the company’s board resigned, citing dissatisfaction with the company’s direction.
The downfall of 23andMe isn’t just a cautionary tale for biotech startups—it’s a wake-up call for consumers and regulators. As more health data is collected by private companies, the risk of breaches grows, especially in an era when genetic information can be weaponized or used discriminatorily. The idea that one’s most intimate biological blueprint might be bought, sold, or hacked has moved from science fiction to legal reality.
This case feeds into a growing debate: Should companies be allowed to monetize genetic data at all? And what level of oversight is needed to ensure they safeguard it responsibly?
With 23andMe’s fate now uncertain and a sale looming, the broader industry faces pressure to rebuild public trust. Consumers may remain wary, but lawmakers and watchdogs may not stay hands-off much longer. The collapse of a once-celebrated pioneer could become the turning point in how we think about—and regulate—personal health data.