logo
Drizly agrees to tighten data security after alleged breach

Drizly agrees to tighten data security after alleged breach

Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators’ allegations that its security failures led to a breach exposing the personal information of some 2.5 million customers

By AP News
Published - Oct 24, 2022, 05:30 PM ET
Last Updated - Jun 24, 2023, 01:41 AM EDT

WASHINGTON (AP) — Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators’ allegations that its security failures exposed the personal information of some 2.5 million customers.

The Federal Trade Commission announced the action Monday against Drizly, a Boston-based subsidiary of Uber that delivers beer, wine and spirits in states where it’s legal, and partners with retailers in hundreds of cities around the US. The proposed consent agreement with the FTC also names Drizly CEO James Cory Rellas. The regulators allege that the company and Rellas were alerted to security problems two years before the 2020 breach yet failed to act to protect consumers’ data.

Drizly agreed to put in a comprehensive data security program and establish security safeguards, and to limit future data collection or storage to that which is necessary for specific purposes. It will also destroy unnecessary data.

“Our proposed order against Drizly not only restricts what the company can retain and collect going forward but also ensures the CEO faces consequences for the company’s carelessness,” Samuel Levine, director of the FTC’s bureau of consumer protection, said in a statement. “CEOs who take shortcuts on security should take note.”

Our Offices
  • 10kInfo, Inc.
    13555 SE 36th St
    Bellevue, WA 98006
  • 10kInfo Data Solutions, Pvt Ltd.
    Claywork Create
    11 km, Arakere Bannerghatta Rd, Omkar Nagar, Arekere,
    Bengaluru, Karnataka 560076
4.2 12182024