Drizly agrees to tighten data security after alleged breach

Credit: Unsplash/CC0 Public Domain

Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators’ allegations that its security failures exposed the personal information of some 2.5 million customers.

The Federal Trade Commission announced the action Monday against Drizly, a Boston-based subsidiary of Uber that delivers beer, wine and spirits in states where it’s legal, and partners with retailers in hundreds of cities around the US. The proposed consent agreement with the FTC also names Drizly CEO James Cory Rellas. The regulators allege that the company and Rellas were alerted to security problems two years before the 2020 breach yet failed to act to protect consumers’ data.

Drizly agreed to put in a comprehensive data security program and establish security safeguards, and to limit future data collection or storage to that which is necessary for specific purposes. It will also destroy unnecessary data.

“Our proposed order against Drizly not only restricts what the company can retain and collect going forward but also ensures the CEO faces consequences for the company’s carelessness,” Samuel Levine, director of the FTC’s bureau of consumer protection, said in a statement. “CEOs who take shortcuts on security should take note.”

Drizly collects and stores on Amazon Web Services cloud-computing service a wide range of personal data from customers such as email and postal addresses, phone numbers, geolocation information and data purchased from third parties, according to the FTC.

“We take consumer privacy and security very seriously at Drizly, and are happy to put this 2020 event behind us,” the company said in a statement.

The proposed consent agreement will be opened to public comment for 30 days, after which the FTC will decide whether to make it final.


Uber to buy alcohol delivery startup Drizly


© 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.

Citation:
Drizly agrees to tighten data security after alleged breach (2022, October 25)
retrieved 25 October 2022
from https://techxplore.com/news/2022-10-drizly-tighten-alleged-breach.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.