PLEASANT GROVE, Utah (AP) — Utah-based essential oil company doTERRA is warning customers and distributors that their personal information may have been compromised in a data breach in March.
In a letter released last week, the company said intruders may have accessed information such as names, Social Security numbers, payment information, birthdates and more through a third-party vendor that provides doTERRA with data hosting and software services.
doTERRA said in a statement it was working with law enforcement and security experts to address the issue.
The company, which launched in 2008, sources essential oils from 40 countries. It makes and sells oils and spa, personal care and dietary supplement products. doTERRA employs 2,000 people. It sells to customers in 73 countries and has 1.5 million independent distributors across the globe, according to a recent Spectrum newspaper profile of the company.
Most Read Business Stories
- Flawed analysis, failed oversight: How Boeing, FAA certified the suspect 737 MAX flight control system | Times Watchdog
- Investigators find new clues pointing to potential cause of 737 MAX crashes as FAA details Boeing's fix
- Why France is analyzing Ethiopian jet's black boxes
- Mention of jackscrew in Boeing 737 MAX crash evokes memories of Alaska Flight 261, but key differences exist
- 'Everybody feels it': Boeing workers react to second 737 crash
The letter suggests that doTERRA customers review account statements, order a credit report and change passwords. The company is offering letter recipients an identity protection and credit monitoring service for 24 months at no cost.
It’s unclear how many customers may have been affected. The company didn’t immediately return messages from The Associated Press seeking comment Wednesday.
Utah FBI spokeswoman Sandra Yi Barker said the agency was aware of the apparent breach, but she could not release more information because the investigation is ongoing.