ShellCodeX Breach Report
Drizly Data Breach
drizly.com
Verified breach
Passwords exposed
Accounts exposed
2,479,044
Breach date
02 Jul 2020
Added to tracker
28 Jul 2020
Data classes
8
What happened
In approximately July 2020, the US-based online alcohol delivery service Drizly suffered a data breach. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
Exposed data
Dates of birth
Device information
Email addresses
IP addresses
Names
Passwords
Phone numbers
Physical addresses
Recommended actions
- Change your Drizly password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Drizly โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP