Utah essential oil company announces third-party data breach

Utah-based essential oil company doTERRA is warning customers and distributors that their personal information may have been compromised in a data breach in March.

In a letter released last week, the company said intruders may have accessed information like names, Social Security numbers, payment information, birthdates and more through a third-party vendor that provides doTERRA with data hosting and .

doTERRA said in a statement it is working with law enforcement and security experts to address the issue.

The company, which launched in 2008, sources essential oils from 40 countries. It makes and sells oils and spa, personal care and dietary supplement products. doTERRA employs 2,000 people. It sells to customers in 73 countries and has 1.5 million independent distributors across the globe, according to a recent Spectrum newspaper profile of the company.

The letter suggests that doTERRA customers review account statements, order a credit report and change passwords. The company is offering letter recipients an identity protection and credit monitoring service for 24 months at no cost.

It's unclear how many customers may have been affected. The company didn't immediately return messages from The Associated Press seeking comment Wednesday.


Explore further

Senator calls for Experian to share details on data breach

© 2016 The Associated Press. All rights reserved.

Citation: Utah essential oil company announces third-party data breach (2016, April 27) retrieved 8 December 2021 from https://phys.org/news/2016-04-utah-essential-oil-company-third-party.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
10 shares

Feedback to editors