A Wisconsin mattress company leaked the records of 387,000 customers online in a database that lacked password protection, a security researcher has found. Every file contained references to Verlo Mattress Factory and appeared to be customer data, he said in a blog post. The database set with names, emails, home addresses and billing addresses was open and visible in any browser for anyone to edit, download or delete data without administrative credentials. The incident once again demonstrates the potential security consequences of failing to take even the simplest security measures to protect company data.
Source: https://threatpost.com/mattress-company-leaks-data-records-of-387k-customers/148530/