ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Drizly Data Breach

drizly.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 2,479,044
Breach date 02 Jul 2020
Added to tracker 28 Jul 2020
Data classes 8

What happened

In approximately July 2020, the US-based online alcohol delivery service Drizly suffered a data breach. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.

Exposed data

Dates of birth Device information Email addresses IP addresses Names Passwords Phone numbers Physical addresses

Recommended actions

  • Change your Drizly password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Drizly โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP