Zack Whittaker reports:
Urban Massage, a popular massage startup that bills itself as providing “wellness that comes to you,” has leaked its entire customer database.
The London, U.K.-based startup — now known as just Urban— left its Google-hosted ElasticSearch database online without a password, allowing anyone to read hundreds of thousands of customer and staff records. Anyone who knew where to look could access, edit or delete the database.
Security researcher Oliver Hough found the database through Shodan, a search engine for exposed devices and databases, and told TechCrunch of the exposure.
Read more on TechCrunch.