Arbonne
Company Details
Linkedin ID:
arbonne
Website:
Employees number:
14,630
Number of followers:
75,374
NAICS:
43
Industry Type:
Homepage:
arbonne.com
IP Addresses:
0
Company ID:
ARB_1184251
Scan Status:
In-progress
Arbonne Company CyberSecurity Posture
arbonne.com
Arbonne, creates personal skincare and wellness products that are crafted with premium botanical ingredients and innovative scientific discovery. Delivering on the Company’s commitment to pure, safe and beneficial products, Arbonne’s personal care and nutrition formulas are vegan certified and adhere to a strict Purity and Safety Ingredient Policy. The History The idea to provide skin care products unparalleled in quality and effectiveness developed in Switzerland in 1975, when one man, Petter Mørck, together with a group of leading bio-chemists, biologists and herbalists, fulfilled his vision and founded Arbonne. Arbonne's skin care products, based on botanical principles, became a reality in the United States in 1980 and are now shared throughout the world through Arbonne's network of Independent Consultants. Building on these same founding principles, Arbonne's product line has since grown to include both inner and outer health and beauty products that are unparalleled in quality, safety, value, benefits and results! The wonderful thing about Arbonne is that it's not just about great products, it's also about great people. The Arbonne family is made up of thousands of individuals working to make their dreams come true. Through sales incentives and rewards, travel opportunities, a generous SuccessPlan and great products, Arbonne offers a unique opportunity that can help make anyone's vision for the future a reality.
Arbonne A.I CyberSecurity Scoring
Arbonne Risk Score (AI oriented)Between 700 and 749
Arbonne
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Arbonne Global Score (TPRM)XXXX
Arbonne
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Arbonne Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Arbonne
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: International multi-level marketing (MLM) firm Arbonne International exposed the personal information and credentials of thousands after its internal systems were breached by an unauthorized party. There was an unusual activity within a limited number of its internal systems. 3,527 California residents were impacted by the incident. The data compromised included names, email and mailing addresses, order purchase histories, phone numbers, and Arbonne account passwords.
Arbonne International, LLC
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported on May 22, 2020, that Arbonne International, LLC experienced a data breach on April 20, 2020, potentially affecting 3,527 California residents. The breached data may have included names, addresses, usernames, passwords, and additional personal information related to individuals' accounts.
Arbonne Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Arbonne
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Arbonne in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Arbonne in 2025.
Incident Types Arbonne vs Retail Industry Avg (This Year)
No incidents recorded for Arbonne in 2025.
Incident History — Arbonne (X = Date, Y = Severity)
Arbonne cyber incidents detection timeline including parent company and subsidiaries
Arbonne Company Subsidiaries
Arbonne, creates personal skincare and wellness products that are crafted with premium botanical ingredients and innovative scientific discovery. Delivering on the Company’s commitment to pure, safe and beneficial products, Arbonne’s personal care and nutrition formulas are vegan certified and adhere to a strict Purity and Safety Ingredient Policy. The History The idea to provide skin care products unparalleled in quality and effectiveness developed in Switzerland in 1975, when one man, Petter Mørck, together with a group of leading bio-chemists, biologists and herbalists, fulfilled his vision and founded Arbonne. Arbonne's skin care products, based on botanical principles, became a reality in the United States in 1980 and are now shared throughout the world through Arbonne's network of Independent Consultants. Building on these same founding principles, Arbonne's product line has since grown to include both inner and outer health and beauty products that are unparalleled in quality, safety, value, benefits and results! The wonderful thing about Arbonne is that it's not just about great products, it's also about great people. The Arbonne family is made up of thousands of individuals working to make their dreams come true. Through sales incentives and rewards, travel opportunities, a generous SuccessPlan and great products, Arbonne offers a unique opportunity that can help make anyone's vision for the future a reality.
Loading...
Arbonne Similar Companies
Wegmans Food Markets
Wegmans Food Markets is a family-owned regional supermarket chain and one of the largest private companies in the US. Recognized as an industry leader and innovator, the company was founded in 1916 and employs over 53,000 people. Wegmans has been named one of the “100 Best Companies to Work For” by
Founded in 1946, Tupperware's signature container created the modern food storage category that revolutionized the way the world stores, serves and prepares food. Today, we continue to innovate for the benefit of people and our planet by designing innovative, functional and environmentally responsib
H&M
At H&M, we welcome you to be yourself and feel like you truly belong. Help us reimagine the future of an entire industry by making everyone look, feel, and do good. We take pride in our history of making fashion accessible to everyone and led by our values we strive to build a more welcoming, inclu
Founded in 1947, H&M Group is a global design company with ~4,702 stores in 76 markets and 56 online markets. At H&M Group, we believe in making great design available to everyone. It’s essential in everything we do. Our family of brands and business ventures offer customers around the world a wealt
Sunbelt Rentals, Inc.
At Sunbelt Rentals, we provide the tools, equipment, and support our customers need to build and maintain the world around us. With locations across the U.S. and Canada and a team of passionate experts, we're here to ensure our customers have what they need to get the job done right—safely, efficie
Marisa S.A.
Marisa S.A. is the largest Brazilian department store chain specialized in women’s clothing based on the number of stores in Brazil. The Company’s business strategy and operations focus primarily on middle-lower income women between the ages of 20 and 35. The Company’s target customers are members o
Reliance Digital
Reliance Digital is a Consumer Electronics, Durables, IT & Telecom retail arm of Reliance Retail Group with more than 1300+ stores across India. Reliance Digital seeks to fulfill the dream of every Indian, be it through its nationwide network of conveniently located stores or through its presenc
Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With world-class owned brands and exciting market-leading merchandising strategies, we are continually innovating with purpose: to be there for Canadians from coast-to-coast. We are a group of compani
Fred Meyer
The Kroger Co., together with its subsidiaries, operates as a food retailer in the United States. The company operates three formats of supermarkets: combination food and drug stores (combo stores), multi department stores, and price impact warehouse stores or marketplace stores. The combo stores op
.png)
Arbonne CyberSecurity News
November 27, 2025 01:41 PM
Essential ways to build a robust cybersecurity strategy for the new year
Entering the new year with a robust cybersecurity strategy is essential. Threats are growing more sophisticated, often leveraging AI to craft...
November 27, 2025 01:00 PM
2026: The Rise of AI-Powered Cybercrime
As human-free cybercrime and AI agents redefine digital threats, Mexico must modernize cybersecurity to address new risks, writes Oscar...
November 27, 2025 01:00 PM
Data breaches, but worse: When hackers target our public services | Opinion
Hackers took password data from emergency alert system CodeRED. The data we hand over for public services often goes to private companies.
November 27, 2025 12:57 PM
6 Ways AI Is Quietly Reshaping Enterprise Cybersecurity
Artificial intelligence is changing how enterprises defend digital systems. It no longer acts as an optional tool but as a key part of daily...
November 27, 2025 12:36 PM
FDA could intensify focus on medtech cybersecurity in 2026
The FDA's cybersecurity dictates around premarket applications' have been in effect since 2023, with more post-market oversight expected...
November 27, 2025 12:30 PM
Buy 3 Cybersecurity Stocks Ahead of Cyber Monday for Long-Term Gains
Ahead of Cyber Monday, picks highlight long-term cybersecurity potential as CRWD, QLYS and CYBR leverage rising demand for advanced...
November 27, 2025 11:21 AM
FCC Chairman Carr’s trust in telecom-led cybersecurity is audacious
The Federal Communications Commission (FCC) decision late last week to rescind a telecom cybersecurity ruling enacted during the last days...
November 27, 2025 10:24 AM
SGS Highlights Cybersecurity Capabilities With World’s First EU RED-NB Certification and Cybersecurity Mark
HONG KONG, Nov. 26, 2025 /PRNewswire/ -- SGS, the world's leading testing, inspection and certification company, has awarded Ruijie Networks...
November 27, 2025 10:23 AM
UWF B.S. in Cybersecurity AI specialization approved as a National Center of Academic Excellence in Cyber Artificial Intelligence Program of Study
Pensacola, Fla. – Nov. 19, 2025 – The University of West Florida's new AI specialization in the B.S. in Cybersecurity program has been...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Arbonne CyberSecurity History Information
Official Website of Arbonne
The official website of Arbonne is http://www.arbonne.com.
Arbonne’s AI-Generated Cybersecurity Score
According to Rankiteo, Arbonne’s AI-generated cybersecurity score is 742, reflecting their Moderate security posture.
How many security badges does Arbonne’ have ?
According to Rankiteo, Arbonne currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Arbonne have SOC 2 Type 1 certification ?
According to Rankiteo, Arbonne is not certified under SOC 2 Type 1.
Does Arbonne have SOC 2 Type 2 certification ?
According to Rankiteo, Arbonne does not hold a SOC 2 Type 2 certification.
Does Arbonne comply with GDPR ?
According to Rankiteo, Arbonne is not listed as GDPR compliant.
Does Arbonne have PCI DSS certification ?
According to Rankiteo, Arbonne does not currently maintain PCI DSS compliance.
Does Arbonne comply with HIPAA ?
According to Rankiteo, Arbonne is not compliant with HIPAA regulations.
Does Arbonne have ISO 27001 certification ?
According to Rankiteo,Arbonne is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Arbonne
Arbonne operates primarily in the Retail industry.
Number of Employees at Arbonne
Arbonne employs approximately 14,630 people worldwide.
Subsidiaries Owned by Arbonne
Arbonne presently has no subsidiaries across any sectors.
Arbonne’s LinkedIn Followers
Arbonne’s official LinkedIn profile has approximately 75,374 followers.
NAICS Classification of Arbonne
Arbonne is classified under the NAICS code 43, which corresponds to Retail Trade.
Arbonne’s Presence on Crunchbase
No, Arbonne does not have a profile on Crunchbase.
Arbonne’s Presence on LinkedIn
Yes, Arbonne maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/arbonne.
Cybersecurity Incidents Involving Arbonne
As of November 27, 2025, Rankiteo reports that Arbonne has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Arbonne has an estimated 15,247 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Arbonne ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Arbonne International Data Breach
Description: International multi-level marketing (MLM) firm Arbonne International exposed the personal information and credentials of thousands after its internal systems were breached by an unauthorized party.
Type: Data Breach
Attack Vector: Internal System Breach
Threat Actor: Unauthorized Party
Title: Arbonne International Data Breach
Description: The California Office of the Attorney General reported on May 22, 2020, that Arbonne International, LLC experienced a data breach on April 20, 2020, potentially affecting 3,527 California residents. The breached data may have included names, addresses, usernames, passwords, and additional personal information related to individuals' accounts.
Date Detected: 2020-04-20
Date Publicly Disclosed: 2020-05-22
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ARB1315301222
Data Compromised: Names, Email addresses, Mailing addresses, Order purchase histories, Phone numbers, Arbonne account passwords
Systems Affected: Internal Systems
Incident : Data Breach ARB831072525
Data Compromised: Names, Addresses, Usernames, Passwords, Additional personal information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Email Addresses, Mailing Addresses, Order Purchase Histories, Phone Numbers, Arbonne Account Passwords, , Names, Addresses, Usernames, Passwords, Additional Personal Information and .
Which entities were affected by each incident ?
Incident : Data Breach ARB1315301222
Entity Name: Arbonne International
Entity Type: Multi-Level Marketing Firm
Industry: MLM
Customers Affected: 3527
Incident : Data Breach ARB831072525
Entity Name: Arbonne International, LLC
Entity Type: Company
Industry: Health and Wellness
Location: California
Customers Affected: 3527
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ARB1315301222
Type of Data Compromised: Names, Email addresses, Mailing addresses, Order purchase histories, Phone numbers, Arbonne account passwords
Number of Records Exposed: 3527
Personally Identifiable Information: Yes
Incident : Data Breach ARB831072525
Type of Data Compromised: Names, Addresses, Usernames, Passwords, Additional personal information
Number of Records Exposed: 3527
References
Where can I find more information about each incident ?
Incident : Data Breach ARB831072525
Source: California Office of the Attorney General
Date Accessed: 2020-05-22
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2020-05-22.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized Party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-04-20.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-05-22.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Email Addresses, Mailing Addresses, Order Purchase Histories, Phone Numbers, Arbonne Account Passwords, , names, addresses, usernames, passwords, additional personal information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Phone Numbers, Email Addresses, usernames, addresses, additional personal information, Order Purchase Histories, Mailing Addresses, passwords, Arbonne Account Passwords, names and Names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 718.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=arbonne' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
