Barnes & Noble targeted in cyberattack that exposed customer email addresses and transaction history

Barnes & Noble is hit by cyberattack that exposed customers’ email addresses, phone numbers and transaction history

  • Barnes & Noble alerted customers about the cyberattack in an email Wednesday
  • The bookseller said hackers infiltrated a system that stored transaction history, potentially gaining access to contact information 
  • Credit card and other payment information was not exposed
  • Barnes & Noble said it learned of the hack on October 10 and was contacting customers about it ‘out of the greatest caution’
  • It came on the heels of a widespread outage affecting the firm’s Nook tablets

Barnes & Noble was targeted in a cyberattack that exposed customers’ personal information, including email, billing and shipping addresses. 

The bookseller alerted customers about the ‘unauthorized and unlawful access to certain Barnes & Noble corporate systems’ in an email on Wednesday night. 

It said that the hackers infiltrated a system that stored transaction history, potentially gaining access to contact information that could lead to customers receiving unsolicited emails. 

Credit card and other payment information was not exposed, the email said.  

Barnes & Noble revealed on Wednesday that it was targeted in a cyberattack that may have exposed customers' personal information, including email, billing and shipping addresses

Barnes & Noble revealed on Wednesday that it was targeted in a cyberattack that may have exposed customers’ personal information, including email, billing and shipping addresses

Barnes & Noble said it learned of the hack on October 10 and was contacting customers about it ‘out of the greatest caution’.   

‘To reassure you, there has been no compromise of payment card or other such financial data. These are encrypted and tokenized and not accessible,’ the email stated. 

‘The systems impacted, however, did contain your email address and, if supplied by you, your billing and shipping address and telephone number. 

‘We currently have no evidence of the exposure of any of this data, but we cannot at this stage rule out the possibility.’  

Barnes & Noble alerted customers about the cyberattack in an email Wednesday (pictured)

Barnes & Noble alerted customers about the cyberattack in an email Wednesday (pictured)

While personal data like names, phone numbers and email addresses are not worth much to hackers on their own, such information can be sold on the black market to identity thieves who combine it with other details to create full profiles of people. 

Scammers could also use the email addresses for phishing attacks that try to trick users into clicking on malicious links. 

Barnes & Noble did not say how many customers were affected by the data breach, which comes at a time when bookstores are relying primarily on online sales.  

This is the second major headache for Barnes & Noble in recent days, after a widespread outage with its Nook tablets over the weekend. 

Nook said a ‘system failure’ which blocked some tablet users from purchasing or downloading books was resolved by Tuesday. 

The company is still working to investigate the cause of the outage.  

Advertisement


This post first appeared on dailymail.co.uk