This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
11/15/2019
Only after running out of hard disk space did firm realise hacker had stolen one million users’ details
State of Security
Yet another company has been found lacking when it comes to securing its consumers’ data.
Utah-based InfoTrax Systems provides back-end services to multi-level marketing companies (MLMs) such as dōTERRA, ZanGo, and LifeVantage, providing website portals where individuals can register as a distributor, sign-up new distributors, and place orders for themselves and end consumers.
According to a complaint from the US Federal Trade Commission (FTC), InfoTrax was first breached by a hacker in May 2014, who exploited network vulnerabilities to gain remote control over its systems.
The hacker was able to view and access files on InfoTrax’s server, delete, and upload new files. In all, they are said to have breached Infotrax’s system 17 times over the next 21 months.
Then, on March 2, 2016, the hacker accessed the sensitive personal details of one million consumers.
According to the FTC, InfoTrax had been storing consumers’ social security numbers, payment card details, bank account information, user IDs, and passwords in “clear, readable text” on its network.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information