U.S. bookstore giant Barnes & Noble has confirmed it has suffered a cyber attack that exposed customers’ personal data.
Barnes & Noble experienced an outage last week, that affected the company’s cloud unit and the entire Nook system. According to Good e-Reader, multiple users reported at the time they were unable to sync recent purchases to their e-readers, or read most books on their device. The B&N website was also unavailable.
Barnes & Noble said in a statement it has suffered a cyber attack, during which attackers gained unauthorized access to the corporate systems and stole the data, including emails, shipping address, billing address and phone numbers, as well as transaction history. Credit cards or other financial data were not compromised in the attack, as they are encrypted and tokenized.
“It is with the greatest regret we inform you that we were made aware on October 10, 2020 that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems. We write now out of the greatest caution to let you know how this may have exposed some of the information we hold of your personal detail,” the company said in an email sent to its customers.
The company did not reveal the exact nature of the cyber attack, but, according to Good e-Reader, store managers said that Barnes & Noble had a "virus in their networks" that started in the corporate offices and eventually spread to the stores.