Compliance Management, Breach, Incident Response, Identity

Alcohol delivery service Drizly subjected to FTC action following 2020 breach

Stronger restrictions are being proposed by the Federal Trade Commission against alcoholic beverage delivery platform Drizly following a data breach in 2020 that compromised sensitive information from 2.5 million individuals, which federal regulators earlier attributed to the service's persistent security lapses, according to CNN. Aside from compelling Drizly to bolster its cybersecurity measures and restrict data gathering, the proposal would also require the alcohol delivery service to delete collected customer data that is not required for its operations. Moreover, Drizly CEO James Cory Rellas would be subjected to binding obligations for all business activities, even those unrelated to Drizly. Such an order has been proposed in light of FTC investigation that noted Drizly's awareness of its cybersecurity issues beginning in 2018, when the platform's cloud computing accounts have been compromised through the use of employee credentials. Drizly also had its corporate network infiltrated by threat actors who stole customer data in 2020. "We take consumer privacy and security very seriously at Drizly, and are happy to put this 2020 event behind us," said a Drizly spokesperson.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.