Cyber Incident Victim: Drizly

In July 2020, Drizly experienced a data breach involving approximately 2.5 million user accounts. The incident came to light after threat actor ShinyHunters leaked stolen databases from eighteen companies on a hacker forum around mid-July 2020. Drizly was among the first organizations to publicly acknowledge the breach following external notifications about the leaked data. Exposed information included customer email addresses, hashed passwords, physical addresses, and additional personal details. The breach disclosure occurred days after cybersecurity researchers began contacting affected companies about the forum leaks. Drizly's incident formed part of a larger data exposure event totaling 386 million records across multiple startups. The company did not specify the exact intrusion timeline or method of initial compromise in available disclosures.

Drizly notified affected users about the breach and recommended password resets as a precautionary measure. The company confirmed that hashed passwords were compromised but did not disclose the hashing algorithm used. No evidence suggested financial data was exposed in this incident. Response actions focused on credential security given the potential for password reuse attacks. The breach occurred amid a wave of similar startup compromises attributed to ShinyHunters' mass data leak, with alcohol delivery service users becoming unexpected targets. Drizly's public disclosure aligned with Scentbird's concurrent breach notification, marking the initial wave of acknowledgments from companies impacted by the forum leaks. The incident exposed vulnerabilities in startup data protection practices during a period of increased remote service adoption.