It appears that maybe applying extra concealer and setting powder may not be enough to fix this hot mess…

Welcome Back!

Welcome back for another installment of the cyber attack of the week series. Today, CPG released the 14th article in the series in a continuation of informing the public on recent data breaches. 

Overall, it is our hope to keep our readers informed on the latest breaches across all companies and platforms. This is the goal in which we hope to achieve as well as spread awareness and insight. 

Now, this week, CPG is taking a look at Arbonne. This is another play on a multi-level marketing beauty brand company. These types of organizations pop up everywhere now. But today, we are only focusing on the one with a data breach.


Background on Arbonne 

To begin, let’s dig into what Arbonne is. As previously stated above we know it is a multi-level marketing company. This company sells skincare, makeup, supplements and many other beauty/wellness items. 

Further, it may even be possible that someone you know works for this company, and sells such products. The most popular platform to sell such products on is Facebook. I know I have personally come across several people online selling products associated with this company. 

Anyway, back to the breach. What exactly happened? Well the glass is still a bit foggy on this issue. But, nonetheless, let’s take a look at the information presented thus far. 


The Attack

Diving into the attack, Arbonne first notified customers back in April of the data breach via a company notice. To read the letter, click here. But basically, the company said, 


On the evening of April 20, 2020, Arbonne became aware of unusual activity within a limited number of its internal systems. Arbonne immediately commenced an investigation with the assistance of third-party computer specialists. 

While the investigation remains ongoing, the preliminary investigation determined that certain information in Arbonne’s systems may have been accessed without authorization. On April 23,2020, the investigation identified a data table containing limited personal information that may have been accessible to unauthorized actors.

Arbonne confirmed that the information that could have been subject to unauthorized access includes personal information as defined by Cal. Civ. Code § 1798.82(h)(2) such as name, address, username and password.


In other words, the company became aware of the data breach due to the detection of unusual activity on internal systems. Further, upon investigation, the discovery that system data was accessed and may put customers at risk.

Arbonne actually released a rather informative notice regarding the breach. Most of the time when a company releases a notice regarding a breach, it is one page with little to no information. 

Continuing, Arbonne released an eight page statement with information regarding what happened, the information under attack, what they are doing now, and so forth. I know this is not a great situation to be in, but, the statement and provided information released by the company is more helpful and informative than most. 


Moving Forward

In the wake of the attack and investigation, Arbonne issued a mandatory password reset across all accounts. Following the reset, they recommend users stay vigilant of their account activity and look out for unusual logins. 

Finally, for affected users, Arbonne is offering 12 months of a free identity monitoring service. The company also promises to investigate the breach further and ramp up cyber security. 


By Taylor Ritchey