![]() ![]() In its complaint, the FTC alleges that Drizly and Rellas: Two years later, a hacker breached an employee account, got access to Drizly’s corporate GitHub login information, hacked into the company’s database, and then stole customers’ information. Drizly failed to take steps to adequately address its security problems while publicly claiming to have appropriate security protections in place. As a result of this security breakdown, hackers were able to use Drizly’s servers to mine cryptocurrency until the company changed its login information for its cloud computing account. In 2018, a Drizly employee posted company cloud computing account login information on the software development and hosting platform GitHub. The company collects and stores on Amazon Web Services cloud computing service a wide range of personal information from consumers such as email, postal addresses, phone numbers, unique device identifiers, geolocation information and data purchased from third parties.Īccording to the FTC’s complaint, Drizly and Rellas were alerted to problems with the company’s data security procedures following an earlier security incident. “CEOs who take shortcuts on security should take note.”īoston-based Drizly, a subsidiary of Uber, operates an online marketplace where consumers of legal drinking age can place orders with retailers to buy beer, wine, and alcohol for delivery. “Our proposed order against Drizly not only restricts what the company can retain and collect going forward but also ensures the CEO faces consequences for the company’s carelessness,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. The FTC’s proposed order requires the company to destroy unnecessary data, restricts the data that the company can collect and retain, and binds Rellas to specific data security requirements for his role in presiding over unlawful business practices. Drizly and Rellas were alerted to security problems two years prior to the breach yet failed to take steps to protect consumers’ data from hackers. The Federal Trade Commission is taking action against the online alcohol marketplace Drizly and its CEO James Cory Rellas over allegations that the company’s security failures led to a data breach exposing the personal information of about 2.5 million consumers. About the FTC Show/hide About the FTC menu items.News and Events Show/hide News and Events menu items. ![]() Advice and Guidance Show/hide Advice and Guidance menu items.Competition and Consumer Protection Guidance Documents. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |