Welcome back. I’m Adeline Atlas, 11-time published author, and this is the Biometric Bondage series: where we learn how anatomy is being linked to authentication in the AI era. Today, we dive into one of the most shocking and revealing stories in the world of biometric exploitation: the collapse of 23andMe, the genetic testing giant that promised to empower us with knowledge—while quietly building one of the largest human DNA databases in the world.

The fall of 23andMe isn’t just a business story. It’s a wake-up call. It’s the clearest example yet of how your most personal biological data—your genome—can be commercialized, stolen, resold, and treated like a corporate asset. In this video, we’re not just talking about data breaches or company bankruptcies. We’re asking the deeper question: Who owns your DNA once you give it away?

Let’s start with the basics. 23andMe launched in 2006 with a saliva kit and a promise. You’d mail in your sample, and in return, they’d send you an ancestry breakdown, health risk report, and genetic insights you could never get from your doctor. Millions signed up. Celebrities endorsed it. The company became a household name in the direct-to-consumer genetic testing boom.

But there was always another side to it. Behind the colorful graphs and ancestry reports, 23andMe was quietly assembling one of the largest privately held genetic databases in human history—over 14 million DNA profiles, all linked to names, emails, birthdates, and self-reported health data. Users thought they were signing up for a personal journey of self-discovery. In reality, they were entering a system where their genome would be monetized.

In October 2023, the first domino fell. A credential-stuffing attack—a method where hackers use reused or leaked login information from other breaches—allowed intruders to access the accounts of millions of 23andMe users. Once inside, they exploited the “DNA Relatives” feature to scrape genetic and personal data from connected accounts. The breach affected over 6.9 million users. But the real damage wasn’t just the number—it was the type of data exposed.

We’re talking about raw genotype files. Ancestry data. Health indicators. Names and dates of birth. This wasn’t just identity theft—it was biological theft. The genetic signature of millions was now circulating in the wild, with no way to change it, revoke it, or delete it.

You can change a password. You can get a new credit card. But you can’t change your genome.

The breach triggered lawsuits, public outrage, and mass data deletion requests. But the damage had already been done. And 23andMe, already facing revenue decline and investor pullback, couldn’t weather the storm. By March 2025, they filed for Chapter 11 bankruptcy.

Let’s pause there and look at what that means.

When a company files for bankruptcy, it doesn’t just disappear. Its assets are evaluated. Creditors line up. And the company’s most valuable holdings are put on the table for liquidation or restructuring. In 23andMe’s case, what was the most valuable asset? Not the saliva labs. Not the website. Not the staff.

It was you. Your DNA. Your family tree. Your health markers. Your data.

As part of the bankruptcy proceedings, a court-appointed data overseer was brought in to manage the genetic database and determine what could or could not be sold. The public was assured that privacy agreements would be honored. But legal experts warned—those privacy agreements are often riddled with loopholes. “We won’t sell your data” doesn’t mean “we won’t sell the company that owns your data.”

And that’s exactly what happened.

Around the same time, eyes turned to Blackstone, one of the largest investment firms in the world. In 2020, Blackstone acquired Ancestry.com for $4.7 billion, instantly gaining access to the genetic data of over 20 million people. With 23andMe now on the ropes, speculation mounted: would Blackstone scoop up that database too? Would one private equity firm soon control the largest combined genetic profile archive in the world?

This isn’t paranoia. It’s reality. And it raises three urgent questions:

1. Who really owns your DNA once it’s been digitized?
   
2. What are corporations doing with these genetic datasets behind closed doors?
   
3. What rights do you have—if any—to reclaim that information once it’s been compromised?
   

Let’s tackle ownership first.

When you mail in your saliva to 23andMe, you’re not just sending organic material. You’re signing a contract. In most cases, that contract gives the company perpetual rights to use, store, and share your genetic data in anonymized or aggregated forms. But “anonymous” is a slippery word. Studies show that with as few as 3–4 datapoints, anonymized genomes can be re-identified. Your DNA is more unique than a fingerprint. If it’s ever linked back to you once—it’s permanently yours.

Second, what’s being done with this data?

Publicly, companies say they’re partnering with pharmaceutical firms for research. In fact, 23andMe signed a $300 million deal with GlaxoSmithKline to develop drugs using customer genetic profiles. But that’s not all. Genetic data is increasingly used in AI training models, behavioral prediction tools, and risk scoring algorithms. Some of these models are used in health insurance pricing, marketing, and even law enforcement investigations.

What happens when a future employer runs a DNA screen to assess your predisposition to depression, aggression, or addiction? What happens when your child is denied health coverage because you shared a gene that shows up in their lineage? These aren’t hypotheticals. The science exists. The data is being collected. The ethical framework is not.

Now let’s talk about your rights.

When 23andMe collapsed, many users rushed to delete their accounts. But deleting your account does not necessarily delete your data. If your genome was shared with research partners, exported to pharma companies, or stored in third-party servers—it’s already out there. And U.S. law doesn’t currently protect consumers from the resale of genetic data in bankruptcy. You can opt out of emails. You can’t opt out of a corporate fire sale.

This raises the fundamental issue of genetic permanence. Your DNA isn’t like other data. It’s immutable. And once it’s digitized, it becomes exploitable.

There’s also a communal dimension. Your genome contains data not just about you—but about your relatives. Your submission to a database can inadvertently expose your entire family to identification, profiling, and even state surveillance. This is why privacy experts call DNA “networked data.” You might be fine with sharing it. But what about your sister? Your parents? Your children?

And now we have to ask: what happens when private equity owns your bloodline?

Blackstone, as of today, controls Ancestry.com’s DNA library—over 20 million samples. If they acquire 23andMe’s database, that number could climb to 35 million or more. That’s enough to map nearly every U.S. citizen through genealogical triangulation. This isn't a sci-fi script. This is a corporate reality.

The data is valuable because it’s predictive. It can forecast disease, traits, risk profiles. It can guide pharmaceutical R&D. It can influence insurance rates. It can identify familial relationships in paternity lawsuits or criminal cases. And most importantly, it cannot be undone.

And here’s the philosophical layer: If your DNA is stored in a database and used to develop a patented drug—shouldn’t you be compensated? If your genome is mined to build a biometric verification tool—do you own a share of that technology? Currently, the answer is no. You are the raw material. The profit is downstream.

We are entering an era where data ownership equals power. And biological data—your face, your fingerprint, your heartbeat, your genome—is the most valuable of all.

So what do we do?

First, if you’ve used 23andMe or Ancestry, submit formal deletion requests. They may not erase everything, but it’s your right to try. Second, support legislation that protects genetic data as a human right—not a corporate asset. Third, educate others. Most people don’t realize they’re handing over the keys to their lineage when they swab and mail in.

And finally—ask deeper questions. Ask who’s collecting your biology. Ask where it’s going. Ask who profits when your cells become code.

Because when a company can go bankrupt and sell your genome to the highest bidder, we’re not just talking about surveillance.

We’re talking about ownership of humanity at the cellular level.

You’re not just a customer. You’re a commodity.

And the age of biometric bondage is not approaching.

It’s here.