- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2022-10-24T21:13:00
The Federal Trade Commission (FTC) announced a tentative settlement with online alcohol delivery platform Drizly and its chief executive officer regarding a data breach affecting 2.5 million consumers and the alleged lax security that allowed it to happen.
The proposed order, released Monday, will be printed in the Federal Register and subjected to a 30-day comment period, after which the FTC may decide to accept it and make it final or withdraw from it.
The agency highlighted the inclusion of Drizly CEO James Cory Rellas in its proposed order for his role in presiding over the company’s alleged security failures.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.
Joseph Sullivan, the former chief security officer of Uber Technologies, was found guilty of two felonies connected to allegations he covered up a massive data breach at the ridesharing company and misled federal regulators about Uber’s response.
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
