Customer Security Explanation (FTC v. Drizly 2022)¶
Use this to explain a security topic or incident to customers in clear, non-technical language; supports notification obligations and trust.
Purpose¶
This explanation translates technical and legal context from FTC v. Drizly 2022 into clear customer-facing language, focusing on what happened, what protections are in place, and what customers should do. It supports transparent communication while remaining aligned with counsel-reviewed facts.
Hallucinated writing examples¶
Scenario: In an illustrative period following the FTC October 2022 consent order after the July 2020 Drizly breach (time), the Security Director (role) prepares a customer security explanation (type) for leadership stakeholders (audience).
CUSTOMER NOTICE — DATA SECURITY INCIDENT
What Happened: The 2020 incident involved unauthorized access linked to compromised credentials and subsequent access to customer data. Drizly has implemented corrective actions and continues to enhance controls under compliance commitments.
What Information Was Involved: Affected information involved customer account-related data categories previously disclosed in incident communications. Drizly continues to support affected users through dedicated channels.
What We Are Doing: We are strengthening identity controls, secret-management practices, monitoring, and retention governance, and we are tracking progress through formal oversight and assessment processes.
What You Can Do: Monitor your account, use available security protections, and rely on official Drizly channels for updates. Additional support resources are available at [URL].
Document-type guide: Customer Security Explanation
Writing tips: Writing best practices — Customer Security Explanation