American book giant Barnes & Noble discovered a cyber attack and the fact that threatening individuals were revealing customer details.
Barnes & Noble, Inc. is an American bookseller with the largest number of American stores in fifty states.
The bookstore also managed Nook Digital, a subsidiary of the e-book company and the e-reading platform.
Last weekend, users complained to Nook on Facebook and Twitter that they did not have access to their library of purchased e-books and journals.
In a series of messages posted on Barnes & Noble’s Nook social networking sites, the company stated that it had experienced a system failure and that it was in the process of restoring operations by restoring backups of its servers.
We’re still encountering a system error that interrupts the content of NOOK. We are working urgently to make all NOOK services fully operational again. Unfortunately it took longer than expected and we sincerely apologize for the inconvenience and disappointment. 1/2
– NOC (@nookBN) 14. October 2020
(2/2) Make sure that there is no compromise between the customer’s payment details, which are encoded and encrypted. We hope that the NOC will be fully operational in the near future and we will publish updated information once the systems have been restored. Thank you for your patience.
– NOC (@nookBN) 14. October 2020
In a statement by Fast Company, Barnes & Noble confirmed that its customers’ financial information has not been compromised.
We have a serious network problem and are in the process of restoring backups of our servers, said a statement from the Fast Company, reports Barnes & Noble. Our systems are back online in our stores and on BN.com, and we’re looking for the reason why. Rest assured that there is no compromise between the customer’s payment details, which are encoded and encrypted.
In a series of updates, GoodReader discovered that a virus was present in their networks, according to Barnes & Noble directors.
Several Barnes and Noble branch managers contacted me and told me that there was a virus on their networks. He left the group partly for the stores and also influenced Nook. The cash registers of the physical bookshops are connected to the same network, so that no orders can be placed or processed. Some people in the Responses section reported that some of their Nook accounts had been compromised and that their credit cards had been used by third parties. The Nook Cloud still works, you can’t synchronize or access it through your Nook e-reader or Nook applications, so you won’t see any of the purchases made in the last week.
BleepingComputer confirmed it on the 10th. In October 2020, a cyber attack was carried out against the company, citing as its source an email sent late Wednesday evening to customers, which was noticed.
Threatening topics endanger Barnes & Noble’s network and gain access to the company’s systems.
We regret to inform you that on the 10th… On 10 October 2020, we learned that Barnes & Noble has been the victim of a cyber attack that has resulted in unauthorized and illegal access to certain Barnes & Noble systems.
We are now writing to you with great care to let you know how this may reveal some of the information we have about your personal information, Barnes & Noble said in an email.
The company discovered that the hackers had access to customers’ email addresses, billing and shipping addresses, and purchase history.
At the time of writing, the company had not yet provided details of the attack, such as the family of malware that infected its systems. The exchange of information about the cyber attacks suggests that the company was the victim of a ransom attack.
In August, the ZDNet website only reported that a list of passwords for over 900 corporate VPN servers was distributed to a forum of Russian-speaking hackers. Experts noted that the list of Pulse VPN identifiers collected with the broken CVE-2019-11510 also includes Barnes & Noble accounts.
Depending on the family of extortion programs that would have infected the company’s systems, we cannot rule out the possibility that extortion program operators may disclose stolen data at the site of the leak to threaten Barnes & Noble.
(Security issues – Hacking, malware)
egregor ransomware,barnes and noble