The data breach notification stated that Arbonne “detected unusual activity” on some of their systems. Detection of unusual activity is usually the first sign that an unauthorized person is intruding into private computer systems. It is critically important to have endpoint security systems in place and analysts watching the alerts to detect when unusual activity occurs and investigate quickly to contain the damage. Catching intrusions in the early stages is the best way to prevent the attacker from expanding their control to more servers, especially if the attacker’s eventual goal is to encrypt data and hold servers for ransom. The data breach experienced by Arbonne was reported to the FBI and relevant regulators. After the incident, the company is offering all impacted individuals one year of free credit monitoring, fraud consultation and identity theft restoration services from Kroll. Consumers who are affected should change their logins to a unique and increasingly complex password. Companies that experience breaches are always recommended to report breaches to their appropriate law enforcement agencies to try and track down the attacker and prosecute them if possible.

To read more: https://www.bleepingcomputer.com/news/security/arbonne-mlm-data-breach-exposes-user-passwords-personal-info/