Joining the trail of cybersecurity victims, now appears the bookseller Barnes & Noble as they suffered a cyber attack. The service’s online systems went down following the incident.
Barnes & Noble Cyber Attack
The famous bookseller Barnes & Noble exhibited service disruptions towards the end of the previous week. However, things weren’t clear at that time. Yet, speculation about a malware attack surfaced online shortly after.
According to The Register, customers also suffered serious issues while using the bookseller’s apps
Finally, in a tweet on October 14, 2020, Barnes & Noble confirmed to have suffered a system failure. Though, they didn’t reveal any details of the matter causing this failure
We are continuing to experience a systems failure that is interrupting NOOK content. We are working urgently to get all NOOK services back to full operation. Unfortunately it has taken longer than anticipated, and we sincerely apologize for this inconvenience and frustration. 1/2
— NOOK (@nookBN) October 14, 2020
Though, following the disclosure of the attack, Barnes & Noble sent emails to their customers informing them of the cyber attack. As stated in their email,
It is with the greatest regret we inform you that we were made aware on October 10, 2020, that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems.
However, they did not precisely mention whether it was a malware attack, or more specifically, a ransomware attack.
All they did in a Friday update tweet was to announce pausing the Free Friday.
We’re very sorry — given recent NOOK system issues Free Friday is on pause this week. Please check back next Friday for a new great read.
— NOOK (@nookBN) October 16, 2020
What’s Affected? What Not?
In their email, they confirmed that the incident did not affect the customers’ financial information stored with Barnes & Noble. It’s because the service encrypts all of such data.
Your payment details have not been exposed. Barnes & Noble uses technology that encrypts all credit cards and at no time is there any unencrypted payment information in any Barnes & Noble system.
However, the cyberattack might potentially have affected the personal details of the customers. Though, they haven’t yet found evidence of such an impact.
While we do not know if any personal information was exposed as a result of the attack, we do retain in the impacted systems your billing and shipping addresses, your email address and your telephone number if you have supplied these. We also retain your transaction history, meaning purchase information related to the books and other products that you have bought from us.
For now, no other details are disclosed. Yet, the firm will inform the customers when more details are available.