If you’re an Arbonne distributor you might want to keep an eye on your financial statements over the next few months.

In an
exhibit
attached to a data breach notification letter filed with the Office of the Attorney General of California, Arbonne has disclosed a data breach.

The incident happened on April 20th, with Arbonne maintaining it became aware of “unusual activity within a limited number of internal systems”.

While the investigation remains ongoing, the preliminary investigation determined that certain information in Arbonne’s systems may have been accessed without authorization.

By April 23rd Arbonne had identified a “data table” that had been accessed by persons unknown.

Arbonne confirmed that the information that could have been subject to unauthorized access includes personal information … such as name, address, username and password.

Arbonne notified 3,527 affected Californian residents, although written notice wasn’t initiated until May 22nd.

In the interim, Arbonne initiated a forced password reset for affected accounts.

Arbonne is also reviewing and enhancing existing policies and procedures.

Arbonne is providing access to credit monitoring and identity protection services for one year through Kroll, to individuals whose personal information was potentially affected by this incident, at no cost to these individuals.

Arbonne has also reported this matter to the FBI and relevant regulators.

Arbonne maintains that 
their investigation
thus far

has not determined that payment card information or government ID information, such as Social Security numbers, were accessed.

Better to be safe than sorry in my opinion. I’d be getting onto any external accounts that share the same password, as well as going over methods of payment.

What lead to Arbonne’s data breach has not been disclosed. Assuming it wasn’t negligence on their part, Arbonne appear to be doing the right thing by their distributors.

What I’m unclear on is whether this breach was localized to California or whether it was company-wide.

We know about it in California because, by law, Arbonne have to notify authorities.

Whether Arbonne data was breached for distributors in other states, and if so what the total number of accounts affected is, remains unclear.

Bleeping Computer
reached out to Arbonne for comment
but didn’t hear back.

The publication recommends

Maryland, New York, New Mexico, North Carolina, and Rhode Island residents are advised to contact their Attorney General for more info.

We’ll keep you updated if we come across any updates.

🤖 Quick Answer

What data breach affected Arbonne distributors in April?
Arbonne disclosed a security incident occurring on April 20th, affecting at least 3,527 distributors. The company detected unusual activity within internal systems and subsequently identified unauthorized access to a data table containing distributor information. The investigation remained ongoing at the time of notification to California's Attorney General.

What information was potentially compromised in the Arbonne breach?
According to the data breach notification, certain information stored in Arbonne's systems was subject to unauthorized access. The company identified a specific data table accessed by unknown persons, though the complete list of compromised data categories was referenced in documentation filed with California authorities.

When did Arbonne discover the security incident?
Arbonne became aware of unusual activity within its internal systems on April 20th. By April 23rd, the company had identified the specific data table that had been accessed without authorization, prom

🔗 Related Articles

- Akashx: My Daily Choice’s “social trading” securities fraud
- Kingdom777 “committed to blessing” Peru?
- BitConnect Ponzi scheme collapses, $2.4 billion wiped in 10 days
- Andre & Monique Vaughn ordered to pay $1.7M in taxes
- OneCoin to hold Global Mastermind event in Bali, dupes Indo govt