Drizly data security to be monitored for 20 years under FTC order
By 
Adrianne Appel2023-01-11T20:38:00
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers, the FTC announced Tuesday.
The FTC had proposed the measures and filed a complaint against Drizly in October, alleging the company and CEO James Cory Rellas knew about security vulnerabilities and ignored them.
Customer emails, addresses, phone numbers, and other data were unnecessarily stored by the company on an insecure platform with gaps that allowed hackers to gain access, the FTC alleged.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleFTC places restrictions on CEO in Drizly enforcement proposal
The Federal Trade Commission announced a tentative settlement with online alcohol delivery platform Drizly and its chief executive officer regarding a data breach affecting 2.5 million consumers and the alleged lax security that allowed it to happen.
-
OpinionWhen AI Is Forced on Compliance: The ECCP as your Guide
When a company rapidly adopts AI, compliance officers can be blindsided, tasked with governance almost immediately. Luckily, there is a guide from the U.S. Department of Justice to help.
-
ArticleOpenAI’s Nicole Diaz: AI is “the new frontier of product liability”
At Compliance Week’s recent Artificial Intelligence and Compliance event, one message came through clearly: Companies are moving quickly to adopt AI, while compliance programs are still trying to catch up.
More from Regulatory Enforcement
-
ArticleFrench investigators target anticompetitive practices in largest accounting firms
Major accountancy firms in France are under investigation for anti-competitive practices. The French competition watchdog embarked on a series of “unannounced inspections” and removed documents relating to audit and reporting on Jan. 13.
-
ArticleEU investigation into Grok may expose problems with DSA rather than compliance failings
The European Commission has launched a formal investigation against Elon Musk’s X under the Digital Services Act over fears that its AI tool Grok may be producing and disseminating illegal material.
-
ArticleFormer ADM execs inflated operating profits, SEC alleges
Three former executives at Archer-Daniels-Midland intentionally misled investors by inflating the performance of the company’s Nutrition unit, the U.S. Securities and Exchange Commission has alleged.