Threat Watch

Arbonne MLM Data Breach

Arbonne International, an international multi-level marketing firm privately held in California, released a notice of breach that states that an unauthorized party accessed their systems last month. According to their breach notification, 3,527 California residents were impacted in the breach. The information potentially accessed by the intruder includes names, email and mailing addresses, order purchase histories, phone numbers and Arbonne account passwords. Although the number of California residents was released, the total number of affected people is still unknown and customers in Maryland, New York, North Carolina and Rhode Island are advised to contact their Attorney General for more information. While their investigation is still ongoing, Arbonne has forced a password reset for all clients.  

ANALYST NOTES

The data breach notification stated that Arbonne “detected unusual activity” on some of their systems. Detection of unusual activity is usually the first sign that an unauthorized person is intruding into private computer systems. It is critically important to have endpoint security systems in place and analysts watching the alerts to detect when unusual activity occurs and investigate quickly to contain the damage. Catching intrusions in the early stages is the best way to prevent the attacker from expanding their control to more servers, especially if the attacker’s eventual goal is to encrypt data and hold servers for ransom. The data breach experienced by Arbonne was reported to the FBI and relevant regulators. After the incident, the company is offering all impacted individuals one year of free credit monitoring, fraud consultation and identity theft restoration services from Kroll. Consumers who are affected should change their logins to a unique and increasingly complex password. Companies that experience breaches are always recommended to report breaches to their appropriate law enforcement agencies to try and track down the attacker and prosecute them if possible.

To read more: https://www.bleepingcomputer.com/news/security/arbonne-mlm-data-breach-exposes-user-passwords-personal-info/