BUFFALO, N.Y. (WIVB) -- The genetic ancestry testing company 23andMe recently announced that it is filing for bankruptcy, which could result in the company being sold. Over the last 20 years, 15 million people have submitted their DNA to the company for testing, but now the company has fallen on hard times, potentially putting your saliva sample with highly sensitive information about your health and genealogy at risk. The company has lost nearly $6 billion, according to cyber security expert Arun Vishwanath. And because it's not a health care company, DNA data is not protected by health privacy laws.23andMe says it has "strong customer privacy protections in place" and it does not share customer data without consent. It also doesn't share customer data with law enforcement unless it receives a court order. However, if ownership does change hands, your DNA could be transferred to the new owner and sold elsewhere, possibly to health insurance companies. “Your DNA is your most personal private data, and I think people should be concerned about it," said Vishwanath. "A lot of the data are anonymized when it's shared to researchers, but there are very simple ways to figure out because of the uniqueness of DNA, fingerprints, each of us having our own, so-called DNA pattern, it's easy to go backwards to see who's who. You know that dataset can easily be compromised." 23andMe has already let 40% of its employees go after its entire board resigned in September. New York does have narrow consumer privacy laws in effect, but Vishwanath says a new owner could change 23andMe privacy terms. Experts say the dangers are real and worse than losing your social security card. “This is data that is just non-reputable, right? Once it's out, you can't take it back. You can't change it," said Vishwanath. "Unfortunately, we don't have laws that we have caught up with it. So, this is more than just Social Security numbers where at least we have credit protection. How are you going to protect genetic data once it's out? We still don't know. There's no answer to that and if there's no answer to it, the bad guys win." Experts added that this move comes after the company and 7 million of its users were affected by a data breach last year. If you are concerned about your sensitive data, you can delete it. Simply log into your 23andMe account, go to settings, scroll to 23andMe data and click view. From there you can enter your information and select permanently delete. However, federal law states the company must keep a copy of the data for a period of time. Experts say even without a name attached it’s still traceable. “I don't think a corporate entity such as this, that has already lost the trust because of breaches, should be selling it all now. Because at the end of the day, what they're selling is that data that they hold,” Vishwanath said. Latest Local News Car drives into Clarence business one week after it opens Tech expert warns your 23andMe genetic data could be at risk   No charges filed against juvenile who hit and killed girl in Grand Island 2 gun calls made in 1 day in City of Buffalo Man sentenced for selling drugs that led to overdose death Dillon Morello is a reporter from Pittsburgh who has been part of the News 4 team since September of 2023. See more of his work here and follow him on Twitter.