Important security information
July 28, 2020
At Drizly, we take the security of our customers' data very seriously and have tools in place to monitor the safety of it on an ongoing basis. We recently identified some suspicious activity involving our customers’ data and initiated an investigation to determine what may have occurred. We’ve found that an unauthorized party appears to have obtained some of our customers’ personal information, including email address, date of birth, hashed passwords and in some rare cases delivery address.
The passwords in question were hashed, or cryptographically protected, meaning the credentials were not disclosed in plain text, and therefore cannot be used to gain access to our customers’ accounts on Drizly. Additionally, it’s important to note that no financial information -- i.e. neither credit card nor debit card information -- was compromised. This investigation is ongoing, and we have engaged a cyber security firm to help us identify all affected parties.
Though your password was not compromised, we did want to simply reiterate best practices for setting a password on any site, such as using a unique and complex password consisting of a combination of letters, numbers, and special characters. You should avoid using the same password across multiple sites and should periodically change your passwords.
We take issues like this with the utmost seriousness and our security team has implemented further measures to help ensure that something like this does not happen again. However, if you have any questions or concerns about this incident, please feel free to contact us at [email protected]