FTC places restrictions on CEO in Drizly enforcement proposal
By 
Adrianne Appel2022-10-24T21:13:00
The Federal Trade Commission (FTC) announced a tentative settlement with online alcohol delivery platform Drizly and its chief executive officer regarding a data breach affecting 2.5 million consumers and the alleged lax security that allowed it to happen.
The proposed order, released Monday, will be printed in the Federal Register and subjected to a 30-day comment period, after which the FTC may decide to accept it and make it final or withdraw from it.
The agency highlighted the inclusion of Drizly CEO James Cory Rellas in its proposed order for his role in presiding over the company’s alleged security failures.
Related articles
-
News Brief
Drizly data security to be monitored for 20 years under FTC order
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
-
ArticleUber CSO ruling fallout: Individual liability extends to data breach response
The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.
-
ArticleEx-Uber security chief found guilty of obstructing FTC data breach probe
Joseph Sullivan, the former chief security officer of Uber Technologies, was found guilty of two felonies connected to allegations he covered up a massive data breach at the ridesharing company and misled federal regulators about Uber’s response.
More from Regulatory Enforcement
-
ArticleFormer startup CEO gets 7 years in prison for $175M fraud against JPMorgan Chase
Charlie Javice, a former CEO who duped JPMorgan Chase into purchasing her start up company for $175 million, has been ordered to forfeit more than $22 million by the Department of Justice (DOJ) and to spend 7 years in jail.
-
ArticleGeorgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.