Mattress Giant Tempur Sealy Puts IT Systems to Sleep After Cyber Attack

Tempur Sealy, one of the biggest mattress manufacturers in the world, has been forced to shut down parts of its IT systems following a major cyber attack. 

The mattress manufacturing giant, which reported $1.2 billion in net sales last quarter, told the US Securities and Exchange Commission on Monday that its operations had been tampered with by a cyber attack which began on July 10 2023. 

The company did not reveal whether it had suffered a ransomware attack, but noted in the 8-K filing that they were forced to activate incident response and business continuity plans “designed to contain the incident.”

“The forensic investigation remains ongoing, and the company continues to work to determine whether this incident will have a material impact on its business, operations or financial results,” according to the filing. 

“If the company determines that any personal information was involved, it would endeavour to comply with any reporting obligations it may have with respect to such information under applicable law.”

Tempur Sealy is considered the largest bedding provider in the world due to its control of brands like Tempus, Cocoon, Sealy, and Stearns & Foster.

The firm recently announced the acquisition of the U.S.’ largest mattress speciality retailer Mattress Firm in May, making it the leading provider of mattresses in the world. 

As of Monday, August 1, however, Tempur Sealy’s stock is trading lower following the disruption caused by the cyber incident. 

Tupur Sealy Chief Financial Officer Bhaskar Rao said that the incident had caused a “temporary interruption” of the company’s operations, but it had engaged “Legal Counsel, a cybersecurity forensic firm and other incident response professionals” to advise on the matter.”

“[Tempur Sealy] has also notified law enforcement authorities. As of the date hereof, the Company has begun the process to bring certain of its critical IT systems back online and has resumed operations,” Rao added. 

Cyber bedlam

The cyber attack on Tempur Sealy is just one of the latest cyber attacks forcing companies to shut down critical IT systems to protect their data. 

In July, the recycling giant TOMRA was hit by an “extensive” cyber attack, which forced it to take “immediate action” and push its systems offline as soon as it became aware of the breach. 

In that attack, shutting down the systems prevented the threat actors from accessing any critical information relating to TOMRA employees or customers. 

Martin Mackay, CRO at Versa Networks, says that this immediate action is critical when it comes to mitigating the impact of an attack. 

“The modus operandi of cyber criminals is to affect business up-time and service availability. By disrupting the company’s operations, cybercriminals can impact the financials of an organisation, as well as cause long-term brand damage if orders are delayed or at worse cancelled,” Mackay said. 

Tempur Sealy did have procedures in place to contain the cyber incident. By implementing cyber response plans, Tempur Sealy has been able to get critical IT systems back online, which will ultimately mitigate the potential negative impact the attack could have had on the organisation's reputation.

“Network segmentation, as an example, allows security teams to rapidly locate malware, limit its movement, and ultimately reduce the potential impact of an attack.”