Alcohol delivery service app Drizly has revealed that they suffered a massive data breach. Hackers mined information from over 2.5 million accounts.
According to a report from Tech Crunch, an email issued to Drizly customers stated that an unauthorized party obtained data from customers, including email addresses, IP addresses, passwords, phone numbers, dates of birth, and in the most extreme cases, user’s delivery addresses.
The alcohol e-commerce platform allows for users to order alcoholic beverages to their homes through an app. Drizly discovered the breach on July 13th and stated that they “quickly took steps to tighten security and further reduce risk of attack.”
The email noted that, “the passwords in question were hashed, or cryptographically protected, meaning the credentials were not disclosed in plain text”. This means that the information is not immediately available to the hackers. However, Drizly has stated that affected users should use an abundance of caution and change their passwords.
Drizly states that financial information, such as credit or debit cards, were not part of the breach. However, TechCrunch has reported a listing on a dark web marketplace claiming access to credit card numbers and user history. It is unclear as to whether this listing is directly related to the breach in question. However, either way, it is we strongly urge that all Drizly users, affected or not, change their passwords.