Drizly is an alcohol delivery app based in Boston and are a subsidiary of Uber. They allegedly suffered a data breach in 2020 that exposed the personal information of an estimated 2.5 million consumers. On Monday, the Federal Trade Commission (FTC) announced their action against the app stating that the company and their CEO, James Corey Rellas, were alerted to security problems as long as two years before the breach and failed to protect their customers’ data.
Following the proposed order from the FTC, Drizly have agreed to:
- Put in a comprehensive data security program
- Establish security safeguards
- Limit future data collection or storage to that which is necessary for specific purposes.
Samuel Levine, director of the FTC’s bureau of consumer protection, spoke about holding CEO’s accountable for carelessness within a company.
CEOs who take shortcuts on security should take note.Samuel Levine, Director of FTC’s Bureau of Consumer Protection
You can read more about this on SecurityWeek.
The FTC are making it clear they are not going to let CEOs off when it comes to lacking security measures. Value Privacy are able to find out whether your company is at risk and can help you manage those vulnerabilities. The cost is a fraction of what it could cost if you get caught out and end up with a fine. Find out more about how we can help.