The FTC has gone after MLM services provider InfoTrax for multiple violations of the FTC Act.

InfoTrax is a well-established services provider within the MLM industry. The company is based out of Utah was founded in 1988 by CEO Mark Rawlins.

InfoTrax’s client list features a number of well-known MLM brands, including
doTerra
,
Xango
and
LifeVantage
.

Typically, InfoTrax operates the major aspects of its clients’ website portals for their distributors and customers.

Through these website portals, individuals register with multi-level marketers as distributors, place orders for themselves and the end consumers who purchase from them, and enroll new distributors.

According to the FTC’s complaint, InfoTrax and owner Rawlins (right) “engaged in a number of unreasonable data security practices” between 2014 to 2016.

Among the more egregious examples cited by the FTC, is InfoTrax are storing consumer’s personal details and authentication credentials as plain text on their servers.

As a result of InfoTrax’s security failures, in May 2015 an intruder managed to access their servers.

During a period of almost two years, between May 5, 2014, and February 23, 2016, an intruder accessed InfoTrax’s server undetected a total of seventeen times.

Thereafter, on March 2, 2016, an intruder began to pull information from InfoTrax’s systems.

Specifically, the intruder queried certain databases on InfoTrax’s systems from which the intruder accessed personal information of approximately one million consumers, including: full names; physical addresses; email addresses; telephone numbers; SSNs; distributor user IDs and passwords; and admin IDs and passwords.

One of these databases contained legacy data that Respondents failed to migrate to a new product. Because Respondents did not properly inventory and manage this data, they did not know this data existed, much less take steps to protect it.

On that same day, an intruder accessed a different log file stored on InfoTrax’s server that contained, among other things, even more personal information of consumers, including over 600 names and addresses, over 150 SSNs or other government identification numbers, over 500 unique unmasked payment account numbers with expiration data and CVVs, and 16 bank account and routing numbers.

On March 6, 2016, an intruder queried yet another database from which the intruder accessed over 4100 user IDs and passwords of distributors, in clear text, which could be used to access a client’s website.

With these user IDs and passwords, the intruder could access those distributors’ accounts, where the intruder could access some of the personal information of those distributors and their end consumers, as well as personal information from other websites where distributors and their end consumers used the same user IDs and passwords.

During the period intruders had access to InfoTrax’s systems, personal data belonging to some 11.6 million consumers was at risk.

The FTC alleges p

🤖 Quick Answer

What violations did the FTC accuse InfoTrax of committing?
The FTC alleged that InfoTrax, an MLM services provider founded in 1988, engaged in unreasonable data security practices and violated consumer privacy regulations under the FTC Act. The company, which operates website portals for major MLM brands like doTerra and LifeVantage, failed to implement adequate protective measures for sensitive consumer and distributor information.

Which MLM companies relied on InfoTrax's services?
InfoTrax provided critical infrastructure services for several prominent MLM organizations, including doTerra, Xango, and LifeVantage. The Utah-based company typically managed the major operational aspects of these clients' distributor and customer website portals, handling registrations, orders, and enrollment processes.

What functions did InfoTrax perform for its MLM clients?
InfoTrax operated the principal components

🔗 Related Articles

- IM Mastery Academy Review: iMarketsLive rebooted
- Jifu founder alleges “legally risky business practices” (FTC?)
- Silver Star Live’s David Mayer sued by CFTC for fraud
- Fintoch collapses, “William Thompson” outed as Joel Fry
- Lifestyle Marketing Group Review 2.0: Matrix points pyramid