"Online Music Marketplace Suffers Data Breach"

A cybersecurity consultant discovered millions of retailers' records online in an unsecured Elasticsearch server on April 5th.  The consultant was unsure whom the data belonged to. However, upon closer inspection, the consultant noticed many 'test' emails from the @reverb.com domain. Hence, the consultant decided to verify shop slugs against real URLs on Reverb site and quickly confirmed it was all Reverb users' data. Reverb.com is an online marketplace for new, used, and vintage music gear with its headquarters in Chicago, Illinois. The company was founded in 2013 by Chicago Music Exchange owner David Kalt and has more than 10 million monthly visitors.  Information belonging to Bill Ward of Black Sabbath, Jimmy Chamberlin of the Smashing Pumpkins, and Alessandro Cortini of Nine Inch Nails was among the data exposed in the security incident at Reverb.com.  The unsecured  Elasticsearch server contained 5.6 million records containing full names, email addresses, phone numbers, addresses, PayPal email addresses, and listing/order information. The researcher stated that the data exposure could make Reverb.com users vulnerable to cybercrimes, including phishing attacks carried out over email, text, or on the phone. 

Infosecurity reports: "Online Music Marketplace Suffers Data Breach"