About 1.1 million Young Living account credentials were made public on a well-known hacker site earlier this month.
Although the data breach itself is thought to have occurred earlier, the information were made public on December 11.
Names of distributors and customers, together with the matching email addresses, dates of birth, and geographic area, are among the Young Living account details that have been leaked.
Have I Been Pwned is a website. asserts that it confirmed the hack on December 19th and attributes it to “Threat Actor 888”:
Notably, “multiple attempts to contact Young Living regarding the data were not answered.”
Utah is home to Young Living’s headquarters. According to Utah legislation, Young Living must first.
To ascertain the possibility that personal information has been or will be abused for identity theft or fraud, a reasonable and timely inquiry should be conducted in good faith.
This conclusion is probably obvious since the account credentials were posted on a hacker forum.
Young Living must “notify each affected Utah resident” after assessing whether the collected personal information “will be misused for identity theft and fraud purposes.”
Young Living must notify the Utah Office of the Attorney General and Utah Cyber Centre if the account information of more than 500 Utah residents is at issue.
In the event that over 1000 Utah citizens’ sensitive information is at risk, Young Living must
Give notice to any consumer reporting organisation that gathers and keeps consumer data nationally.
It’s unclear whether Young Living is abiding with Utah law since the corporation isn’t making any public demands for information about the breach.
There are no reviews yet. Be the first one to write one.
