It looks like Verlo Mattress Factory forgot to leave off the last "S" for security: A security researcher has come across an open Elastic database set containing 387,000 records associated with customers of Verlo Mattress Factory.

Jeremiah Fowler, senior security researcher with SecurityDiscovery.com, reported that he discovered the non-password protected database on September 5 that had 387,604 records exposing names, phone numbers, emails, home address, billing address. Additionally, login credentials with hashed passwords for internal users were in the folder along with IP addresses, ports, pathways, and storage info that cybercriminals could exploit to access deeper in to the network.

Fowler attempted to contact Verlo multiple times, but received no response. However, the database was locked up shortly after his initial notification to the company.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.