DōTERRA International Hacked, Teams Up with AllClear ID

ake (5)

Utah-based essential oils distributor dōTERRA International announced last week in a letter that one of its third-party data hosting servers has been hacked, compromising the personal data and information of customers and wholesale distributors alike. Company representatives believe the intrusion occurred in March 2016, potentially compromising the following private data:

  • Names
  • Social Security numbers
  • Other government-issued identification numbers
  • Payment card information
  • Full or partial card numbers
  • Security codes
  • Expiration dates
  • Dates of birth
  • Postal and email addresses
  • Telephone numbers
  • Usernames and passwords for dōTERRA’s online portal

The company has not yet identified the exact number of people affected by the data breach, but experts have confirmed that those who were affected primarily reside in the United States and Canada. Customers and distributors who have not received a notice of breach from dōTERRA were not affected by the breach.

DōTERRA’s Solution

While dōTERRA has issued a notice of data breach to each customer and distributor who has potentially been affected by the breach, there is no evidence that the data has been misused in any way. In addition to law enforcement, the State of California Attorney General’s office, and the Federal Bureau of Investigation, dōTERRA has teamed up with identity security company AllClear ID to provide up to 24 months of free identity protection services and credit monitoring to its affected clientele.

About AllClear ID

The letter identifies identity theft protection company AllClear ID as dōTERRA’s solution for potential misuse of customer and distributor information. Although AllClear ID is not a top-rated identity theft protection company in terms of comprehensive protection services, the company does rank well among companies with a restoration-focused platform. The company provides lost wallet protection, three-bureau credit monitoring, as well as fraud detection.

However, in the event that their data is misused as a direct result of this data breach, dōTERRA customers and associates should expect a lengthy recovery process when working with AllClear ID. Current and former AllClear ID customers have reported to BestCompany.com that the company can be difficult to work with over the phone and via email.