Mattress giant Tempur Sealy hit with cyberattack forcing system shutdown

This article was updated at 11 a.m. EST on August 3 with details of which ransomware group claimed the cyberattack.

One of the biggest mattress sellers in the world is dealing with a cyberattack that has forced the company to shut down parts of its IT systems.

Tempur Sealy is considered the largest bedding provider in the world due to its control of brands like Tempus, Cocoon, Sealy, and Stearns & Foster. The company, which reported $1.2 billion in net sales last quarter, announced the acquisition of the U.S.’ largest mattress specialty retailer Mattress Firm in May.

The company’s chief financial officer Bhaskar Rao reported to the U.S. Securities and Exchange Commission on Monday morning that Tempur Sealy’s operations had been hindered by a cyberattack which began on July 23.

The company did not respond to requests for comment about whether it is a ransomware attack, but noted in the 8-K filing that they were forced to activate incident response and business continuity plans “designed to contain the incident.”

“This included proactively shutting down certain of the Company’s IT systems, resulting in the temporary interruption of the Company’s operations. Legal counsel, a cybersecurity forensic firm and other incident response professionals have been engaged to advise on the matter,” Rao said.

“The Company has also notified law enforcement authorities. As of the date hereof, the Company has begun the process to bring certain of its critical IT systems back online and has resumed operations.”

IT officials are still investigating the incident and the company is in the process of figuring out what financial impact the attack will have on its business and financial results.

It is unclear whether customer or employee information was involved but the company said it plans to notify regulators if data was leaked.

On Wednesday evening, the AlphV/Black Cat ransomware group took credit for the attack on the company, claiming to have sensitive documents from senior officials.

Hackers have previously gone after the websites of mattress sellers, targeting MyPillow.com and Amerisleep.com in 2019 with tools that allowed them to steal the payment information of customers.