Drizly is one of the famous alcohol delivery startups, and recently, on Tuesday, Drizly confirmed that they had suffered a data breach. Through emails, Drizly informed all its customers about this data breach.
According to the reports, the threat actors have stolen nearly 2.5 million Drizly accounts, which contains some of the accounts of Drizly staff members. The data that has been stolen was verified against public records, and it includes all personal information regarding the customers and staff members of Drizly.
Drizly had not yet confirmed that when this data breach has occurred, but they did a safety measure for all their customers, as Drizly suggested to all its customers to change their password as soon as possible.
More importantly, Drizly confirmed that in this data breach, there is no financial data was involved or stolen. But the TechCrunch has reported that they got some of their data in the dark web market place.
The data that are involved or stolen in this data breach contains all private information of their customers and some of their staff members; and nearly 2.5 million Drizly accounts were stolen in this data breach.
But, what are the data that are involved in this breach? The data that involved are all personal data, and they are:-
- Phone number
- Delivery address
- Credit card numbers
- Order history
The chief executive officer of security information and event management firm Gurucul Solutions Pvt Ltd A.G. Mr. Saryu Nayyar reported that the stolen data has been accessible on the dark web since mid-February, it’s like since February 13.
But the data breach was detected by Drizly on July 13 and just after the discovery, they informed their customers regarding the data breach. However, some delivery address was involved in the data breach under 2% of the records.
The data that are listed on the dark web market are is on sale for $14, but Drizly has not yet claimed all this information regarding the data breach, although no sample of data was granted, the listing declares to have tested Drizly credit card numbers and users’ order history.
Moreover, the threat actors have targeted the Drizly, as it has become one of the famous online alcohol delivery services in the U.S. and Canada, and, till now, it has increased upto $68 million to the date, rivaling Minibar and Delivery.com.