Reverb has warned customers that a whopping 5.6 million records containing personal information has been exposed as part of a major data breach.
The Etsy-owned musical instrument online marketplace began warning its users that their “contact information, including name, address, phone number and email” has been leaked online.
While Reverb assured that the data was only accessible for a “short period of time”, it recommended that users change their passwords to ensure security of their accounts.
Security researcher Bob Diachenko revealed on Twitter that he had discovered an unsecured Elasticsearch server which contained more than 5.6 million records, later discovered to belong to Reverb.
According to a report by Diachenko, after discovering the data base he “ran a quick check and was able to find several high-profiled sellers details, including Bill Ward of Black Sabbath, Jimmy Chamberlin of the Smashing Pumpkins, Alessandro Cortini of Nine Inch Nails and more.”
READ MORE: Etsy to buy Reverb for $275m
Reverb had reportedly already secured the database by the time Diachenko confirmed it belonged to the site.
Reverb said in its email to users: “As soon as we learned of the issue, we immediately worked to resolve it.
“We conducted an investigation of the situation to determine what happened and are taking steps to prevent something like this happening again.”
Click here to sign up to Charged‘s free daily email newsletter